Appsec · September 4, 2022

CVE-2021-42677 DLINK DIR 825AC Router Dashboard authentication bypass

During the lockdown, I was in my hometown, and my brother would not give me access to the router dashboard, as I always set QoS for my systems.

"Necessity is the mother of invention."

Successful exploitation required chaining two issues.

  1. It had a need_auth parameter for the dashboard endpoint, which was called frequently; I tried to set it to "no," but it didn't work. So I completely removed the parameter from all the requests.
  2. Although I could access the dashboard after this, I could not perform any action because the "jsonrpc" endpoint was called every time. So, I bypassed this by replacing it with another endpoint, "devinfo," which has a "200" response code. 
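
The first issue is a server that lets a client-supplied parameter decide whether authentication applies. The following added example (not from the original post or from the vendor's firmware) models that flaw beside a fail-closed gate; the request struct, the exact paths, the function names and the assumption that `devinfo` is served without a session are all hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed request model; field names are hypothetical. */
struct request {
    const char *path;    /* e.g. "/dashboard" */
    const char *query;   /* raw query string, may be "" */
    bool session_valid;  /* result of a server-side session lookup */
};

/* True if `name` appears as a key in an '&'-separated query string. */
static bool has_param(const char *query, const char *name)
{
    size_t n = strlen(name);
    for (const char *p = query; p && *p; ) {
        if (strncmp(p, name, n) == 0 &&
            (p[n] == '=' || p[n] == '&' || p[n] == '\0'))
            return true;
        p = strchr(p, '&');
        if (p) p++;
    }
    return false;
}

/* Assumed flawed model: auth is enforced only when the client sends need_auth. */
bool allow_flawed(const struct request *r)
{
    if (has_param(r->query, "need_auth"))
        return r->session_valid;   /* any value, including "no", still enforces */
    return true;                   /* parameter absent: check silently skipped */
}

/* Paths served without a session (assumed list); everything else fails closed. */
static const char *const public_paths[] = { "/login", "/devinfo" };

/* Hardened: client input never decides whether auth applies. */
bool allow_hardened(const struct request *r)
{
    for (size_t i = 0; i < sizeof public_paths / sizeof public_paths[0]; i++)
        if (strcmp(r->path, public_paths[i]) == 0)
            return true;
    return r->session_valid;
}
```
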
