Router Vulnerability Unveiled

Monday, February 11, 2013 @ 10:02 AM gHale


Attackers can take advantage of a security hole that affects certain D-Link DIR-300 and DIR-600 routers to execute arbitrary code at the root level.

The issue occurs by missing access restrictions and missing input validation in the cmd parameter, said Michael Messner, the security researcher who found the vulnerability.

RELATED STORIES
Junos OS Open to Attacks
Flaws in Universal Plug and Play
Firewall Passes Tough Testing
SIF Interoperability Test Kit Updated

In addition, Messner found that administrator passwords end up stored in plain text.

Cybercriminals can also easily modify passwords since the current password is not required during the process. The only requirement is for the attacker to have access to an authenticated browser.

Experts from heise Security have also analyzed Messner’s findings. They say D-Link routers can also suffer compromise via the Internet.

Cybercriminals could use this to redirect all the Internet traffic to an arbitrary server.

D-Link knows about the problem, but the company doesn’t plan on doing anything about it, saying “this is a security problem from the user and/or browser.”



Leave a Reply

You must be logged in to post a comment.