LTS Secure Warning: Flaws found in D-Link routers

Kaspersky Lab security researchers have discovered four serious vulnerabilities in D-Link DIR-620 wireless router firmware, that can provide access to attackers from anywhere from the world.

These vulnerabilities originally identified in firmware version 1.0.37, later in other versions (1.3.1, 1.3.3, 1.4.0, and 2.0.22).

Technical Details

The latest version of the D-Link firmware has hardcoded credentials, that can provide access to attackers to the firmware and helps to steal confidential data.

Currently, there are 4 critical vulnerabilities that are reported and all the vulnerabilities contain the high severity rate that causes very serious damages.

  1. Reflected cross-site scripting (CVE-2018-6212) – First is a reflected cross-site scripting (XSS) vulnerability in the firmware’s web portal.
  2. Default credentials for web dashboard (CVE-2018-6213) – The second vulnerability involves hard-coded, privileged credentials found by analyzing the firmware’s binaries.
  3. OS command injection (CVE-2018-6211) – An OS command injection vulnerability is possible as a result of incorrect processing of the user’s input data in the following parameter.
  4. Default credentials for Telnet (CVE-2018-6210) – By using the command injection above an attacker can extract Telnet credentials for the router, which are also hardcoded into the firmware.

Impact

This vulnerability mostly affects D-Link wireless router firmware versions (1.3.1, 1.3.3, 1.4.0, and 2.0.22).

Recommended Actions

  • Restrict web dashboard using pre-approved IP address.
  • Restrict any access to Telnet.
  • Regularly update router admin username and password.

 

Kaspersky Lab has released a security advisory about D-Link Routers Vulnerabilities on May 23, 2018.

LTS Secure Locations
  • Florida: 407-965-5509
    Los Angeles: 323-544-5013
    Mid West: 800 689 4506

  • Chicago/Midwest– 2406 Schumacher Drive, Mishawaka, IN, 46545

    201, Tower S4, Phase II, Cybercity, Magarpatta Township, Hadapsar, Pune-411013

Leave us a messages Leave us a messages

← Prev Step

Thanks for contacting us. We'll get back to you as soon as we can.

Please provide a valid name, email, and question.

Powered by LivelyChat
Powered by LivelyChat Delete History