CVE-2013-7052

CRITICAL

D-Link DIR-100 4.03B07 - Insufficiently Protected Credentials via cliget.cgi Script

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-7052.

AI-analyzed exploit summary This document provides a detailed technical analysis of multiple vulnerabilities in the D-Link DIR-100 router, including authentication bypass, weak authentication, information disclosure, CSRF, and XSS. It includes proof-of-concept commands and a thorough explanation of the root causes and exploitation methods.

Description

D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script

Exploits (1)

exploitdb WRITEUP
webappshardware
https://www.exploit-db.com/exploits/31425

This document provides a detailed technical analysis of multiple vulnerabilities in the D-Link DIR-100 router, including authentication bypass, weak authentication, information disclosure, CSRF, and XSS. It includes proof-of-concept commands and a thorough explanation of the root causes and exploitation methods.

Classification
Writeup 100%
Attack Type
Auth Bypass | Info Leak | Xss | Csrf
Complexity
Trivial
Reliability
Reliable
Target: D-Link DIR-100 firmware version 4.03B07
No auth needed
Prerequisites: Network access to the router's web interface
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
http://pigstarter.krebsco.de/report/2013-12-18_dir100.txt
Third Party Advisory, VDB Entry x_refsource_misc
https://www.securityfocus.com/bid/65290

Scores

CVSS v3 9.8
EPSS 0.2468
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-522
Status published
Products (1)
dlink/dir-100_firmware 4.03b07
Published Feb 04, 2020
Tracked Since Feb 18, 2026