Home » Gadgets » 850L: D-Link wants to patch critical router vulnerabilities

850L: D-Link wants to patch critical router vulnerabilities

Thursday, September 14th, 2017 | Gadgets

D-Link wants to patch numerous security holes in its router with the designation 850L. The vulnerabilities had previously been uncoordinated by the hacker Pierre Kim. According to his own statement, he had "bad experiences" with the security department of D-Link and justified not to have published in the context of "responsible disclosure".

According to Kim, the firmware of the device can be simply read out and can be exchanged without problems, since no signature check is undertaken. The firmware is protected only by a hardcoded password.
The devices are also vulnerable to cross-site scripting, in which way, for example, certain cookies can be read out. Kim discovered five vulnerabilities.
Security gaps in the cloud service
In addition, D-Links cloud service Mydlink should have several security problems, for example, the device password should be sent in encrypted messages. Kim writes, this would demonstrate "how broken" this service is. By simply monitoring the traffic, attackers could get the necessary data to log in to the router. With the access to the web interface also new firmware versions could be imported.
In addition, on the device the private keys for the proxy encryption Stunnel included and could be read out. Further confidential information such as passwords is stored in / var / passwd in the plaintext. The DHCP service running on the device could also be used to execute commands that are executed with root privileges.

D-Link has introduced "direct" after the publication of the article steps to solve the described problems. At the request of Golem.de, the company announced its intention to provide an update on September 19th.


Rihanna New Songs 2016

Rihanna New Songs 2016 Rihanna New Songs 2016 Vlogs Your Food Is A

MotoGP Misano: Marc Marquez gives Ducati

10. September 2017 – 15:03 Marc Marquez is equal to Andrea Dovizioso by

Kawasaki: 2018 material ensures satisfie

Jonathen Rea confirms with the test season in Portimao that Kawasaki has worked

+++ Exchange ticker +++ - Swiss exchange

08:10 The Swiss Market Index (SMI) increases by 0.2 percent in the pre-market,