SecurityTracker.com
Category:   Device (Router/Bridge/Hub)  >   D-Link Router
Vendors:   D-Link Systems, Inc.
D-Link Router Authentication Bypass Backdoor Lets Remote Users Gain Administrative Access
SecurityTracker Alert ID:  1029174
SecurityTracker URL:  http://securitytracker.com/id/1029174
CVE Reference:   GENERIC-MAP-NOMATCH
Updated:  Oct 18 2013
Original Entry Date:  Oct 14 2013
Impact:   User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): firmware v1.13 for the DIR-100 revA
Description:   A vulnerability was reported in D-Link Routers. A remote user can gain administrative access on the target device.

A remote user can send a specially crafted HTTP request with the HTTP User-Agent set to 'xmlset_roodkcableoj28840ybtide' to bypass authentication and gain administrative access on the target device.

The vulnerability is due to a non-secure backdoor.
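
A defensive check for the request described above, as an added example that is not part of the original advisory: it scans HTTP access logs for requests whose User-Agent field is exactly the backdoor string and groups them by source address. The combined log format, the function name and the sample lines are assumptions constructed for illustration (for example, logs from a proxy in front of the router's management interface).

```python
import re
from collections import defaultdict

# User-Agent value quoted in the advisory text.
BACKDOOR_UA = "xmlset_roodkcableoj28840ybtide"

# Apache/nginx "combined" log format (assumed format of the log being reviewed).
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def find_backdoor_requests(lines):
    """Return {source_ip: [(timestamp, method, path, status), ...]} for each
    request whose User-Agent header is exactly the backdoor string."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed or truncated lines
        # Compare the parsed header field, not the whole line, so the string
        # appearing in a URL or referer does not raise a false alert.
        if m["ua"].strip() == BACKDOOR_UA:
            hits[m["src"]].append(
                (m["ts"], m["method"], m["path"], int(m["status"])))
    return dict(hits)

# Constructed sample log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Oct/2013:09:12:01 +0000] "GET / HTTP/1.1" 401 312 "-" "Mozilla/5.0 (Windows NT 6.1)"',
    '198.51.100.23 - - [14/Oct/2013:09:13:44 +0000] "GET / HTTP/1.1" 200 5120 "-" "xmlset_roodkcableoj28840ybtide"',
    '198.51.100.23 - - [14/Oct/2013:09:13:51 +0000] "POST /settings HTTP/1.1" 200 88 "-" "xmlset_roodkcableoj28840ybtide"',
    '192.0.2.77 - - [14/Oct/2013:09:20:05 +0000] "GET /search?q=xmlset_roodkcableoj28840ybtide HTTP/1.1" 404 0 "-" "curl/7.30.0"',
    'truncated line without quoted fields',
]

if __name__ == "__main__":
    for src, requests in find_backdoor_requests(SAMPLE_LOG).items():
        for ts, method, path, status in requests:
            # A 2xx status on a management page suggests the bypass succeeded.
            print(f"ALERT {src} [{ts}] {method} {path} -> {status}")
```
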

The following versions are affected:

DI-524 Revision A1
DI-524UP Revision A1/A2
DIR-100 Revision A1
DIR-120 Revision A1
DIR-300 Revision Ax
DIR-300 Revision Ax 1.06b02
DIR-300 Revision B1
DIR-300 Revision B1 2.14b01
DIR-600 Revision B1 and B2
DIR-600 Revision B1 and B2 2.15b01
DIR-600 Revision B5
DIR-600 Revision B5 2.16b05
DIR-615 Revision Dx
DIR-615 Revision Dx 4.14b02
DIR-645 Revision Ax
DIR-645 Revision Ax 1.04b05
DIR-815 Revision Ax
DIR-815 Revision Ax 1.04b02
DIR-845L Revision Ax
DIR-845L Revision Ax 1.01b02
DIR-865L Revision A1
DIR-865L Revision A1 1.05b07
DSL-320B Revision D2
DSL-320B Revision D2 1.25
DSL-321B Revision D2
DSL-321B Revision D2 1.02

Other devices may also be affected.

The original advisory is available at:

http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/

Craig from /dev/ttyS0 reported this vulnerability.

Impact:   A remote user can gain administrative access on the target device.
Solution:   The vendor has issued a fix for some versions and is working on a fix for others.

A patch matrix is available in the vendor's advisory.

The vendor's advisory is available at:

http://www.dlink.com/be/fr/support/security

Vendor URL:  www.dlink.com/be/fr/support/security
Cause:   Authentication error

Message History:   None.

