Updating d link firmware

A reader will note that D-Link did have a full advisory with Po Cs for more than 100 days while taking no actions before public disclosure and he/she will surely be able to verify the vulnerabilities by downloading an affected firmware and reversing the binaries (see my blog post for details).D-Link did not make any effort to contact the security researcher even after the initial advisory was published, but it posted its official answers and patches on their website that the security researcher found "by chance".Unfortunately, none of the models listed above appear to be compatible with either firmware.

For example, if you have an Archer C7 version 4, you would choose version 4.Although the router models affected are fairly old, there are almost certainly plenty of these still in operation, as routers tend to be set-it-and-forget-it devices that rarely get replaced or updated unless they stop working.According to Heffner, an attacker who identified a vulnerable router would need merely to set his browser’s user agent string as “xmlset_roodkcableoj28840ybtide”, and he could log in to the router’s administrative interface .However, the corrected firmware still appears to have the backdoor in execution.The only security patches they made were: Following the reaction from D-Link and the lack of quality of the security patches, I finally advise users to trash their affected routers and I encourage security researchers to review security patches provided from D-Link instead of blindly trusting them.

Leave a Reply