This script exploits an unauthenticated DNS change vulnerability in D-Link DSL-2740R routers by sending a crafted HTTP GET request to modify the device's DNS settings. The exploit leverages a lack of authentication in the web interface to alter DNS configurations, potentially redirecting traffic to malicious servers.
Classification
Working Poc 95%
Target:
D-Link DSL-2740R (and potentially other D-Link devices)
No auth needed
Prerequisites:
Network access to the target router · libwww-perl installed for the GET command