D-Link Routers Vulnerability Let Attackers Gain Full Router Control Remotely
A critical unauthenticated Remote Code Execution (RCE) vulnerability has been affecting DSL-3788 routers, allowing attackers to acquire complete control over the router remotely. The flaw has been detected in firmware versions v1.01R1B036_EU_EN and below. This vulnerability was reported by Max Bellia of SECURE NETWORK BVTECH. The vulnerability resides in the webproc CGI component of the […] The post D-Link Routers Vulnerability Let Attackers Gain Full Router Control Remotely appeared first on Cyber Security News.
A critical unauthenticated Remote Code Execution (RCE) vulnerability has been affecting DSL-3788 routers, allowing attackers to acquire complete control over the router remotely.
The flaw has been detected in firmware versions v1.01R1B036_EU_EN and below. This vulnerability was reported by Max Bellia of SECURE NETWORK BVTECH.
The vulnerability resides in the webproc CGI component of the router’s firmware. Attackers could exploit it by sending a specially crafted sessionid to the router.
D-Link Routers Let Attackers Gain Full Control
The flaw lies in the COMM_MakeCustomMsg function within the libssap library, which fails to validate input length properly, leading to a buffer overflow. This oversight enables arbitrary code execution with root privileges.
Collect Threat Intelligence with TI Lookup to Improve Your Company’s Security - Get 50 Free Request
“It is possible to create a request with a specially crafted sessionid that, when received by the webproc CGI, will lead to the execution of arbitrary code. This happens because the function “COMM_MakeCustomMsg” of the libssap library used by the webproc CGI does not check the length of the input, leading to a buffer overflow”, reads the advisory.
Successful exploitation of this vulnerability could have severe consequences:
- Complete Router Takeover: Attackers could gain administrative access to the device.
- Network Compromise: Malicious actors could intercept or manipulate network traffic and compromise connected devices.
- Malware Deployment: The router could be used as a platform for launching further attacks or distributing malware.
Affected Models
D-Link acted promptly upon receiving the report, releasing a patched firmware version. The company emphasized its commitment to user privacy and network security, stating that it has a dedicated task force to address emerging threats.
“D-Link takes network security and user privacy very seriously. We strongly urges all users to install the relevant updates and regularly check for further updates”, the company said.
This incident underscores the importance of timely software updates and proactive vulnerability management in safeguarding network devices.
Find this story interesting! Follow us on Google News, LinkedIn, and X for more instant updates.
The post D-Link Routers Vulnerability Let Attackers Gain Full Router Control Remotely appeared first on Cyber Security News.
