Routers such as D-Link , Linksys etc. whose web interface uses CGI scripts. We can easily access and change these routers configuration bypassing authentication. CGI is one method by which a web server can obtain data from (or send data to) databases, documents, and other programs, and present that data to viewers via the web.
This vulnerability is powerful as anyone can change router configuration, such as changing passwords, resetting router etc. through any web browser independent of any Operating System. First we need the router IP, which is usually IPV4 Default Gateway IP. We can find this using ipconfig /all command from cmd or checking details of network adapter connected to network from Network and Sharing Center.
Most common default router IPs are 192.168.0.1, 192.168.1.1 etc. Suppose the router IP is 192.168.1.1, we change the URL format of any web page to ends with .cgi.
Ie, we change
Watch this video demonstration for more details. This video shows mainly:
- Accessing router configuration without username and password
- Finding usernames and passwords which are hidden in router
Watch video: https://youtu.be/8GZg1IuSfCs
Some other pages we can directly access like this are: