D-Link vulnerability impacts 400,000 devices

Remote code execution flaw affects more than 120 models across several product lines


Researchers at Senrio have released technical details surrounding a vulnerability in D-Link products which, if exploited, would allow a remote attacker full access to the devices. After being notified earlier this year, D-Link has promised to deliver fixes.

In June, Senrio briefly described the issue on their company blog, and while they used their own custom tools, an attacker could replicate their work in order to target a vulnerable product.

"The vulnerability allows code injection which lets the attacker set a custom password, granting remote access to the camera feed. Thus, even if users create a strong password, this type of exploit can override it. Instead of setting a new password as the exploit, an attacker could just as easily add a new user with administrator access, download firmware or otherwise re-configure this device," June's post explained.

Image: Vulnerable D-Link devices (credit: Senrio)

Senrio discovered the flaw in a D-Link DCS-930L Cloud Camera. However, because the firmware is used across multiple product lines, D-Link estimates this vulnerability affects "more than 120 models across Connected Home Products, including cameras, routers, access points, modems, and storage..."

According to Shodan.io, there are 414,949 publicly accessible devices impacted by this vulnerability. Searches for DCS-930L alone return 55,000 results.

D-Link is expected to post a schedule for fixes on support.dlink.com and mydlink.com/support.

However, the device manufacturer says they will prioritize releases based on active products. As such, the older D-Link models will need to be pulled from the Internet altogether, or the owners of said devices will need to accept the risk.

A full Shodan.io report is available now.
