D-Link Router Serious Vulnerability

It came to my attention a while ago that D-Link routers have a major security hole that was ignored by D-Link for quite some time. I became aware of this huge security problem when listening to the Security Now podcast, episode #52. May I say that this security problem is not to be taken lightly, as Steve Gibson explained in Security Now, and I quote: “This vulnerability allows an attacker to execute privileged code on an affected device. When a specific request is sent to an affected device, a traditional stack overflow is triggered, allowing an attacker complete control of the router. With the ability to execute code on the device, it is then possible to apply modified firmware and ultimately compromise the entire network.”, end quote. D-Link released an update in July. A simple rule to follow is to turn off UPnP (Universal Plug and Play). It is simply a dangerous convenience feature to use.

D-Link Routers Affected

The D-Link routers that are affected are DI-524 Rev A, DI-524 Rev C, DI-524 Rev D, DI-604 Rev E, DI-624 Rev C, DI-624 Rev D, DI-784 Rev A, EBR-2310 Rev A, WBR-1310 Rev A, and WBR-2310 Rev A. You can identify which router you have from the label on the back (or bottom) of the device. D-Link’s support page will also help you determine the model number and revision number of your device.

How to Apply the Firmware Update

The firmware update instructions below will work on any operating system with a web browser.

  • Download the latest firmware for your device from D-Link’s support page.
  • Open your favorite web browser (e.g. Firefox).
  • In the browser, type in the address of your router. In most cases it’s http://192.168.0.1/.
  • Click on the “Tools” menu at the top.
  • Click on “Firmware” in the left-hand menu.
  • Click on the “Browse” button on the page and locate the firmware you just downloaded.
  • Click “Apply”.

How to Disable UPnP

  • Open your favorite web browser (e.g. Firefox).
  • In the browser, type in the address of your router. In most cases it’s http://192.168.0.1/.
  • Click on the “Misc” menu at the top.
  • Locate “UPnP Settings” and click on “Disable”.
  • Click “Apply”.

Note: Refer to the emulators on the D-Link Support web page to locate exactly where the UPnP setting is on your model and revision.
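After clicking “Apply” it is worth confirming that the router has actually stopped answering UPnP discovery, rather than trusting the web page. The script below is an added example (not from the original post or from D-Link): it sends a standard SSDP M-SEARCH straight to the router’s LAN address and reports whether a UPnP device description comes back. It assumes the router is at 192.168.0.1 (the D-Link default mentioned above); change ROUTER_ADDR if yours differs. The sample reply embedded in the script is constructed to show the shape of an answer and is not captured from a real device.

```python
"""Verify that UPnP no longer answers on the router after disabling it.

Added example, not code from the original post or from D-Link. Sends an
SSDP M-SEARCH (the normal UPnP discovery message) directly to the router's
LAN address and checks whether a device-description reply comes back.
"""
import socket

ROUTER_ADDR = "192.168.0.1"   # assumption: D-Link default LAN address
SSDP_PORT = 1900              # standard SSDP/UPnP discovery port (UDP)
TIMEOUT_S = 2.0


def build_msearch(host: str, port: int = SSDP_PORT, mx: int = 1) -> bytes:
    """Build a standard SSDP M-SEARCH request for the root device."""
    lines = [
        "M-SEARCH * HTTP/1.1",
        f"HOST: {host}:{port}",
        'MAN: "ssdp:discover"',
        f"MX: {mx}",
        "ST: upnp:rootdevice",
        "",
        "",
    ]
    return "\r\n".join(lines).encode("ascii")


def parse_ssdp_response(raw: bytes) -> dict:
    """Parse an SSDP reply into a dict of lowercase header name -> value.

    Returns an empty dict unless the status line is an HTTP 200 reply,
    which is the only form a UPnP device uses to answer M-SEARCH.
    """
    text = raw.decode("utf-8", errors="replace")
    head, _, _body = text.partition("\r\n\r\n")
    lines = head.split("\r\n")
    if not lines or not lines[0].startswith("HTTP/1.1 200"):
        return {}
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def upnp_enabled(headers: dict) -> bool:
    """A reply carrying a LOCATION header points at a device description,
    which means the router's UPnP service is still listening."""
    return "location" in headers


def probe(addr: str = ROUTER_ADDR, timeout: float = TIMEOUT_S) -> dict:
    """Send one M-SEARCH directly to the router and return the parsed
    headers (empty dict if nothing answers within the timeout)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_msearch(addr), (addr, SSDP_PORT))
        data, _ = sock.recvfrom(4096)
    except (socket.timeout, OSError):
        return {}
    finally:
        sock.close()
    return parse_ssdp_response(data)


# Constructed sample reply in the shape a UPnP gateway sends; the URL,
# server string and UUID are placeholders, not captured from a real device.
SAMPLE_REPLY = (
    b"HTTP/1.1 200 OK\r\n"
    b"CACHE-CONTROL: max-age=1800\r\n"
    b"EXT:\r\n"
    b"LOCATION: http://192.168.0.1:5431/igd.xml\r\n"
    b"SERVER: example-router-os/1.0 UPnP/1.0\r\n"
    b"ST: upnp:rootdevice\r\n"
    b"USN: uuid:00000000-0000-0000-0000-000000000000::upnp:rootdevice\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    result = probe()
    if upnp_enabled(result):
        print(f"UPnP still answers on {ROUTER_ADDR}: {result['location']}")
    else:
        print(f"No UPnP reply from {ROUTER_ADDR} within {TIMEOUT_S}s "
              "(disabled, or discovery is filtered)")
```

Run it from a machine on the LAN side of the router. A reply with a LOCATION header means the UPnP service is still up and the setting did not take effect (or the wrong device was changed); silence for the full timeout is the result you want after following the steps above. Because the request is sent directly to the router rather than to the SSDP multicast group, the answer is only about that one device.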

Source: D-Link Support
Source: Security Now episode #52
Source: eEye Digital Security – Advisory
