CVE-2012-1309

D-Link DSL-2640B ADSL Router - Authentication Bypass

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-1309. PoCs published by Ivano Binetti.

AI-analyzed exploit summary: This writeup describes an authentication bypass vulnerability in D-Link DSL-2640B routers that relies on spoofing the MAC address of an already authenticated administrator. The attacker changes their own MAC address to match the admin's, which allows unauthorized access to the router's web management interface.

Description

D-Link DSL-2640B ADSL Router - Authentication Bypass

Exploits (1)

exploitdb WRITEUP
by Ivano Binetti · text · webapps · hardware
https://www.exploit-db.com/exploits/18511

Classification: Writeup 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: D-Link DSL-2640B (Firmware Version: EU_4.00; Hardware Version: B2)
No auth needed
Prerequisites: Physical or local network access to the router · Knowledge of the admin's MAC address
devstral-2 · analyzed Feb 16, 2026

Details

Status: draft
Tracked Since: Feb 18, 2026