CVE-2017-5633

HIGH

D-Link DI-524 Firmware 9.01 - Cross-Site Request Forgery via CGI Programs

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-5633. PoCs published by Felipe Soares de Souza, cardangi.

AI-analyzed exploit summary: This exploit demonstrates a CSRF vulnerability in D-Link DI-524 routers, allowing unauthenticated attackers to reboot the device or change admin credentials via crafted HTML pages.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs.

Exploits (2)

exploitdb WORKING POC
by Felipe Soares de Souza · html · webapps · hardware
https://www.exploit-db.com/exploits/40983

This exploit demonstrates a CSRF vulnerability in D-Link DI-524 routers, allowing unauthenticated attackers to reboot the device or change admin credentials via crafted HTML pages.

Classification: Working PoC 100%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: D-Link DI-524 Wireless 150 Firmware 9.01
No auth needed
Prerequisites: Victim must visit a malicious webpage while authenticated to the router
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by cardangi · poc
https://github.com/cardangi/Exploit-CVE-2017-5633

This exploit targets CVE-2017-5633, a CSRF vulnerability in D-Link DI-524 Wireless Router firmware 9.01. It allows unauthenticated reboot or admin credential change via crafted HTTP requests.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: D-Link DI-524 Wireless Router Firmware 9.01
No auth needed
Prerequisites: Network access to the router's web interface · Router's IP address
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
http://www.securityfocus.com/bid/96475 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_bid)
http://seclists.org/fulldisclosure/2017/Feb/70 (Exploit, Product, Third Party Advisory, VDB Entry; x_refsource_misc)

Scores

CVSS v3: 8.0
EPSS: 0.0137
EPSS Percentile: 80.7%
Attack Vector: NETWORK
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE: CWE-352
Status: published
Products (1): d-link/di-524_firmware 9.01
Published: Mar 06, 2017
Tracked Since: Feb 18, 2026