alpha_auth_check() Function Remote Authentication Bypass

critical Nessus Plugin ID 70447


The remote web server is affected by an authentication bypass vulnerability.


The remote web server is affected by an authentication bypass vulnerability due to a flaw in the 'alpha_auth_check()' function. A remote, unauthenticated attacker can exploit this issue by sending a request with the user agent string set to 'xmlset_roodkcableoj28840ybtide'. This could allow the attacker to bypass authentication and gain access to the device using a vendor-supplied backdoor.

Note that several D-Link and Planex model routers are reportedly affected by this issue.


If the affected router is a DIR-100, DIR-120, DI-524, DI-524UP, DI-604UP, DI-604+, DI-624S, or TM-G5240, apply the appropriate firmware update. Otherwise, contact the vendor or replace the router.

See Also

Plugin Details

Severity: Critical

ID: 70447

File Name: dlink_router_user_agent_auth_bypass.nasl

Version: 1.11

Type: remote

Family: CGI abuses

Published: 10/15/2013

Updated: 1/19/2021

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:d-link:router

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 10/12/2013

Reference Information

CVE: CVE-2013-6026

BID: 62990

CERT: 248083