Home > Cyber News > Pwned from LAN to WAN: Discontinued D-link Router Full of Flaws
CYBER NEWS

Pwned from LAN to WAN: Discontinued D-link Router Full of Flaws

Owners of a particular D-Link router model are at serious risk of hacking, researcher Pierre Kim claims. The latter has unveiled 10 serious security flaws in D-Link DIR-850L AC1200 Dual Band Gigabit Cloud router. His recommendation to users of that model is to disconnect the device from the Internet as soon as possible.

D-Link Discontinued Router Full of Security Vulnerabilities

Even though publicly disclosing vulnerabilities without first getting in touch with the vendor is usually considered unethical at the very least, the researcher has done just that. In defense of his decision, Kim says that D-Link responded inadequately when he contacted them regarding another issue in a different product.

What makes the situation even worse is that the router was recently discontinued by the manufacturer, making it highly likely for it to never be patched. These leaves thousands of users exposed to attacks.

The Dlink 850L is a router overall badly designed with a lot of vulnerabilities. Basically, everything was pwned, from the LAN to the WAN. Even the custom MyDlink cloud protocol was abused. My research in analyzing the security of Dlink 850L routers starts from a recent security contest organized by a security company.,” the researcher says in his report.

D-Link DIR-850L AC1200 Vulnerabilities: Technical Resume

First of all, the disclosed bugs are all categorized as zero-day flaws even though the classical definition of a zero-day is slightly different. The flaws are, indeed, jaw-dropping. They include:

  • A list of bugs in the router’s cloud protocol implementation;
  • RevB routers allowing for backdoor access;
  • No protection for the router’s firmware on revA hardware that would allow an attacker to upload a new image;
  • No authentication and no protection for DNS configuration.
  • A bunch of XSS vulnerabilities;

Here is the complete summary of the flaws:

  1. Firmware “protection”
  2. WAN && LAN – revA – XSS
  3. WAN && LAN – revB – Retrieving admin password, gaining full access using the custom mydlink Cloud protocol
  4. WAN – revA and revB – Weak Cloud protocol
  5. LAN – revB – Backdoor access
  6. WAN && LAN – revA and revB – Stunnel private keys
  7. WAN && LAN – revA – Nonce bruteforcing for DNS configuration
  8. Local – revA and revB – Weak files permission and credentials stored in cleartext
  9. WAN – revB – Pre-Auth RCEs as root (L2)
  10. LAN – revA and revB – DoS against some daemons

This is not the first case of D-Link products being vulnerable. In 2016, a Senrio research team discovered an exploit in some of D-Link’s Wi-Fi cameras that could potentially be used to take full control of hacked devices. The cameras could be deployed for a number of malicious activities, including spying on their owners.

Then, in January 2017, the Federal Trade Commission started suing the Taiwanese router production company because of vulnerabilities in their Wi-Fi routing devices and web cameras.

Two months later, security researcher Varang Amin discovered more flaws in D-Link’s DGS-1510 enterprise switch kit. Fortunately, the flaws were fixed with a firmware update. If the bug, now identified as CVE-2017-6206, was left unpatched, unauthenticated command bypass could have been created that could have led to unauthenticated information disclosure.

As for the current case, owners of the D-Link DIR-850L AC1200 Dual Band Gigabit Cloud router are strongly advised to disconnect their devices from the Internet.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

1 Comment
  1. joe smith

    This is why I have switched to Netgear routers. Its performance is much better than my old D-link routers and secured. Their netgear router support usa is also much better than Dell support. So don’t wait just move on

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree