Security vulnerabilities never end. They just change the form in which they manifest. This theory holds true for users running D-Link DIR-850L AC1200 Dual Band Gigabit Cloud router. According to the security researcher Pierre Kim, the product features over ten serious security vulnerabilities which can easily bypass authentication, allowing an attacker to take full control over the device without the need to exploit any programming or design bugs.
The above loophole is enough to suggest owners to disconnect vulnerable routers from the internet, promptly. So, if you’ve got a D-Link DIR-850L AC1200 router, it’s time to think about replacing it – the holes in the firmware might never be fixed.
Basically, everything was pwned, from the LAN to the WAN. Even the custom MyDlink cloud protocol was abused’ reported Kim.
D-Link router vulnerabilities exposed again
Kim made the flaws public without first coordinating with D-Link, an unusual step he resorted to following the poor response from the company last year to issues he reported to them in another product, the DWR-932B mobile hotspot router.
Second, D-Link’s slow or non-response (and the fact that the AC1200 router was discontinued some months ago), further increases the likelihood that the latest flaws might never be fully patched.
Other vulnerabilities exposed include,
- A litany of weaknesses in the devices cloud protocol implementation
- A lack of protection for the router’s firmware on revA hardware that would allow an attacker to upload a new image. The revB has a hardcoded password
- RevB routers allow backdoor access
- Lots of cross-site scripting (XSS) flaws.
- A lack of authentication protecting DNS configuration
Unfortunately, this isn’t the first time D-Link has been in the headlines for product security. Earlier too, in 2015 security researchers had discovered multiple security holes in D-Link Routers.