D-Link Routers Multiple Vulnerabilities

Last Update Date: 17 Mar 2017 Release Date: 16 Mar 2017 4260 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in D-Link DIR routers. An attacker could bypass the authentication of the remote login page and obtain administrator credentials for D-Link DIR-130 and DIR-330, while one could overflow the buffer and execute arbitrary code as root on D-Link DIR-850L.

 

Note: No patches are currently available.

 

Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • DIR-130 firmware version 1.23
  • DIR-330 firmware version 1.12
  • DIR-850L firmware versions 1.14B07, 2.07.B05

 

Solutions

  • No patches are currently available.
  • For DIR-850L, beta firmware versions (1.14B07 h2ab BETA1 and 2.07B05 h1ke BETA1) are released.
    http://support.dlink.com/ProductInfo.aspx?m=DIR-850L
  • Workaround:
    Only allow connections from trusted hosts and networks. Disable remote administration of the device.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Internet Explorer & Edge Remote Code Execution Vulnerability

27 Feb 2017 5313 Views

Next

Drupal Multiple Vulnerabilities

16 Mar 2017 4163 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY