A router made by D-Link is so full of bugs and backdoors that owners should throw it away rather than keep using it, a security researcher has claimed.
Pierre Kim claimed that the D-Link DWR-932B router is so easy to hack that users should bin it as soon as possible.
“As the router has a sizable memory (168 MB), a decent CPU and good free space (235 MB) with complete toolkits installed by default (sshd, proxy (/bin/tinyproxy -c /var/tproxy.conf), tcpdump …), I advise users to trash their routers because it’s trivial for an attacker to use this router as an attack vector (ie: hosting a sniffing tool, LAN hacking, active MiTM tool, spamming zombie),” he said in a posting on Seclists.
The router has 20 vulnerabilities, according to Kim. These include backdoors, backdoor accounts with easy-to-guess passwords, a default Wi-Fi Protected Setup (WPS) PIN, and a weak WPS PIN generation algorithm.
He warned that as there was a lack of response from the vendor about the vulnerabilities, he wasn’t expecting any security fixes to the router. He also said that users should stop using the device until fixes are in place.
The router is based on Quanta LTE routers, which have a number of vulnerabilities themselves, so it is no surprise that it has inherited a number of problems.
Kim said he had contacted D-Link over the issues in June, but added that, at the present time, no update has been forthcoming. He also got in contact with CERT, which advised him to publish an advisory if D-Link failed to contact him with security updates.
Mark James, security specialist at ESET, told us that replacing outdated hardware may be the only solution if updates are slow in coming: “the costs of replacing hardware are extremely insignificant when it comes to dealing with malware infections or data breaches.”
He added that making sure updates and firmware fixes are released in a timely manner is of utmost importance.
“Hardware security is just as important as software security but harder to accomplish. Not only is it hard for manufacturers to make the updates available, but even harder still in letting all affected users know about the updates and how to install them. It also needs to be fairly effortless for the end user to apply those updates, over-the-air (OTA) updates come with their own security issues but make it easier for the end user to apply. Whichever process they choose to use will have its challenges but sadly that’s the nature of security, all too often we choose simplicity over security.”
A D-Link spokesperson responded: “Security is of the utmost importance to D-Link across all product lines. This is not just through the development process but also through regular firmware updates to comply with the current safety and quality standards. It has recently been reported that multiple vulnerabilities are found on hardware version B1 of the D-Link DWR-932 4G LTE Mobile Router. Only this end-of-life hardware version B1 is potentially affected by the reported vulnerabilities. The current shipping hardware version D1 or any other hardware versions are not affected. We are currently working vigorously to investigate and verify all the reported vulnerabilities, and will subsequently provide a corrective course of action within the coming days.”
This article originally appeared at scmagazineuk.com