Security updates: root vulnerability in VPN routers from D-Link

Some D-Link routers with VPN functionality are vulnerable. After a successful attack, attackers could execute their own commands with root privileges. This usually results in a complete compromise of the device.

The affected routers are the DSR-150 / DSR-150N, DSR-250 / DSR-250N, DSR-500 Rev. B / DSR-500AC and DSR-1000 Rev. B / DSR-1000AC, if they are running firmware 3.17 or an older version.

Anyone who owns a vulnerable device should install the patched firmware v3.17b401c. For the models DSR-500, DSR-500N, DSR-1000 and DSR-1000N, support has expired and the devices will not receive any security updates.

Possible attacks

Security researchers from Digital Defense discovered the vulnerabilities. According to a warning message from D-Link, there are no CVE numbers for the vulnerabilities. A risk classification is apparently still pending.

To carry out attacks, attackers need access to the web interface of the Unified Services Router. This access is said to be possible directly via the internet and without authentication. Due to insufficient checks, attackers could inject and execute their own commands through crafted requests.