Thursday, October 29, 2020

Vulnerabilities in D-Link Routers Allows Hackers Gain Complete Control


A set of four vulnerabilities has been discovered in D-Link DIR-620 firmware. They allow an attacker to exploit hardcoded default credentials and gain highly privileged access to the firmware.

The affected routers are distributed by one of the biggest ISPs in Russia: the router login string contains hardcoded credentials that include the name of the ISP.

The vulnerabilities allow an attacker to gain privileged access to the firmware, which leads to the extraction of sensitive data such as plaintext passwords.

The web interface is also affected: an attacker can run arbitrary commands in the router's operating system and arbitrary JavaScript code in the user's environment.

These vulnerabilities were initially identified in firmware version 1.0.37, and a few of them also affect other versions of the firmware (1.3.1, 1.3.3, 1.4.0, 2.0.22).

D-Link Routers Vulnerabilities

Four critical vulnerabilities have been reported, all rated high severity and capable of causing very serious damage.

  1. Reflected cross-site scripting (CVE-2018-6212)
  2. Default credentials for web dashboard (CVE-2018-6213)
  3. OS command injection (CVE-2018-6211)
  4. Default credentials for Telnet (CVE-2018-6210)

Cross-site scripting (XSS)

Researchers discovered a reflected cross-site scripting (XSS) vulnerability in one of the D-Link router's fields, caused by poor validation of user data and incorrect processing of the XMLHttpRequest object.

This vulnerability was discovered in v.1.3.3 and other versions.

Default credentials for web dashboard

The D-Link routers contain default credentials for the web dashboard that cannot be changed by administrators, which allows an attacker to obtain sensitive data from vulnerable routers.

According to the Kaspersky researcher: "I extracted strings from the web server binary (httpd), and my attention was immediately drawn to the 'anonymous' string. I looked at the function where this string was being used."
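To illustrate the kind of firmware audit the researcher describes, here is an added example (not from the article or from Kaspersky) that emulates `strings` over a constructed stand-in for an httpd binary and ranks single-token strings that sit next to login-related keywords, so a defender reviewing their own device firmware can triage hardcoded-credential candidates such as "anonymous" first. The sample bytes, the keyword list and the function names are all constructed for this example.

```python
import re
import string
from collections import defaultdict

# Constructed stand-in for a firmware web-server binary (httpd); not real
# D-Link firmware, the bytes and strings are made up for this example.
SAMPLE_HTTPD = (
    b"\x7fELF\x01\x01\x01" + b"\x00" * 9
    + b"Content-Type: text/html\x00"
    + b"login\x00anonymous\x00"
    + b"\x01\x02" + b"passwd\x00"
    + b"Authorization: Basic\x00"
    + b"\xff" * 4
)

PRINTABLE = set(string.printable.encode()) - set(b"\t\n\r\x0b\x0c")
# Keywords that usually sit next to a hardcoded credential inside a binary.
LOGIN_HINTS = re.compile(r"login|passw|user(name)?|auth", re.I)
# A credential literal is normally one token: no spaces, no header-style colon.
TOKEN = re.compile(r"^[A-Za-z0-9_.@-]+$")

def extract_strings(blob: bytes, min_len: int = 4) -> list[str]:
    """Emulate `strings`: return runs of printable ASCII at least min_len long."""
    out, cur = [], bytearray()
    for b in blob:
        if b in PRINTABLE:
            cur.append(b)
            continue
        if len(cur) >= min_len:
            out.append(cur.decode("ascii"))
        cur = bytearray()
    if len(cur) >= min_len:
        out.append(cur.decode("ascii"))
    return out

def credential_candidates(blob: bytes, window: int = 1) -> list[tuple[str, int]]:
    """Rank single-token strings by how many distinct login-related keywords
    appear within `window` strings of them; top entries are reviewed first."""
    strs = extract_strings(blob)
    hits = defaultdict(set)
    for i, s in enumerate(strs):
        if not LOGIN_HINTS.search(s):
            continue
        for j in range(max(0, i - window), min(len(strs), i + window + 1)):
            cand = strs[j]
            if j != i and TOKEN.match(cand) and not LOGIN_HINTS.search(cand):
                hits[cand].add(s.lower())
    ranked = sorted(hits.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(cand, len(kws)) for cand, kws in ranked]

if __name__ == "__main__":
    for cand, n in credential_candidates(SAMPLE_HTTPD):
        print(f"{cand!r}: adjacent to {n} login-related keyword(s)")
```

On the constructed sample the only candidate is "anonymous", adjacent to both "login" and "passwd"; on a real firmware image the ranking is a triage aid, and each candidate still has to be confirmed by reading the function that uses it.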

OS Command Injection

An OS command injection vulnerability was discovered in D-Link firmware v.1.0.3; it is caused by incorrect processing of user input data.

Default Credentials for Telnet

This critical vulnerability allows an attacker to extract Telnet credentials. In this case, the attacker also gains admin-level access by using the default credentials.

Mitigation:

  • Restrict any access to the web dashboard using a whitelist of trusted IPs
  • Restrict any access to Telnet
  • Regularly change your router admin username and password
