D-Link Security Flaw Impacts 120-and-More Products, 400K Devices

Vulnerability in webcam's code uncovered in June 2016 was exploited on products of a manufacturer, impacting over 120 items along with 400,000 separate devices. The vulnerability pertaining to pre-authentication that security researchers of 'Senrio' uncovered at first appeared inside D-Link's DCS-930L, an Internet Protocol surveillance camera of the wireless variety which's controlled remotely. The security flaw of stack overflow kind lets attackers to execute remote code on host device.

As per founder and CTO Stephen A. Ridley at Senrio, who's scheduled to attend the 2016 ICS Cyber Security Conference related to SecurityWeek, it was possible to substitute his default reset module for passwords with an exploit that could act effectively.

For that, an attacker merely requires suitably incorporating the particular exploit into target D-Link device's firmware. He just requires altering the memory characters the place for the exploit's execution so vulnerability can be targeted in the gadget's particular firmware.

After carrying out an assessment about D-Link's network routers, household security gadgets, and IoT gadgets, the company informed Senrio about over 120 devices getting impacted. According to Ridley, the impacted devices include a good number of his company's products.

During January this year (2016) Vectra Networks compromised the wireless webcam of D-Link as well as utilized the gadget for making one permanent access point inside organizations' networks. An online search with Shodan to get results for DCS-930L camera returns 55K devices that can be publicly accessed, exposing over 400K D-Link gadgets. Threatpost.com posted this, July 7, 2016.

Although all problems would be solved, confirmed D-Link, however, it would be extremely difficult and slow to upgrade firmware in connection with IoT devices. For, the time taken for implementing any firmware update is enough to convert the particular D-Link device into a bot.

Usually for saving costs while also reduce manufacturing time; producers frequently go for firmware code reuse over their product line. Nevertheless, code reuse enables attackers to easily abuse certain firmware component no matter if it's small for executing assaults on multiple products. This can be particularly perilous with industrial control systems and medical devices, warns Ridley. Quintessentially, code reuse means reusing security flaw.

» SPAMfighter News - 7/13/2016