Exploitation Summary
EIP tracks 1 public exploit for CVE-2017-9675. PoCs published by Enrique Castillo.
AI-analyzed exploit summary This exploit triggers a denial of service (reboot) in D-Link DIR605L routers (firmware <=2.08) by sending a crafted HTTP GET request to the '/Tools/' endpoint. The vulnerability is exploitable unauthenticated from both LAN and WAN.
Description
On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Enrique Castillo · bashdoshardware
https://www.exploit-db.com/exploits/43147
This exploit triggers a denial of service (reboot) in D-Link DIR605L routers (firmware <=2.08) by sending a crafted HTTP GET request to the '/Tools/' endpoint. The vulnerability is exploitable unauthenticated from both LAN and WAN.
Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
D-Link DIR605L firmware <=2.08
No auth needed
Prerequisites:
Network access to the target router (LAN or WAN)
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99084
Vendor Advisory x_refsource_confirm
ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-605L/REVB/DIR-605L_REVB_RELEASE_NOTES_v2.08UIBETAB01_EN.pdf
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/43147/
Scores
CVSS v3
7.5
EPSS
0.3088
EPSS Percentile
96.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
dlink/dir-605l_firmware
2.08b01
Published
Jun 15, 2017
Tracked Since
Feb 18, 2026