what you don't know can hurt you

D-Link DIR-601 Failed Password Change Control

D-Link DIR-601 Failed Password Change Control
Posted May 4, 2018
Authored by Joe Gray

D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.

tags | advisory
advisories | CVE-2018-10641
MD5 | 2bc35aa0b8ce506be32b1d117141cf82

D-Link DIR-601 Failed Password Change Control

Change Mirror Download
 [Suggested description]
D-Link DIR-601 A1 1.02NA devices do not require the old password for a
password change, which occurs in cleartext.

------------------------------------------

[Additional Information]
Insecure Authentication Practices in D-LINK DIR-601 Router, Hardware
version A1, Firmware Version 1.02NA

When logging into the router, the authentication module passes the
username and password BASE64 encoded vice encrypted. When changing the
password a) no current password is required; and b) it passes the new
password and username in plain text. There is also no support for
HTTPS connections to the router.

Due to no schedule viability D-Link asks that two items are mentioned in
disclosure:

a) For this out of service router, users are encouraged too used DD-WRT
firmware here <http://www.dd-wrt.com/site/support/router-database>
b) They can contact support@dlink.com for the latest information on
updates.

------------------------------------------

[VulnerabilityType Other]
Weak Authentication and No HTTPS support

------------------------------------------

[Vendor of Product]
D-Link

------------------------------------------

[Affected Product Code Base]
DIR 601 - Hardware A1, Firmware 1.02NA

------------------------------------------

[Affected Component]
Login, Password Changing

------------------------------------------

[Attack Type]
Context-dependent

------------------------------------------

[Impact Information Disclosure]
true

------------------------------------------

[Attack Vectors]
To exploit this, an attacker must have a proxy or man-in-the-middle attack
completed and be able to discern the URLs to intercept passed parameters.

------------------------------------------

[Has vendor confirmed or acknowledged the vulnerability?]
true

------------------------------------------

[Remediation]
Due to no schedule viability D-Link asks that two items are mentioned in
disclosure:

a) For this out of service router, users are encouraged too used DD-WRT
firmware here
b) They can contact support@dlink.com for the latest information on
updates.

------------------------------------------
[References]
http://us.dlink.com/security-advisories/
<http://us.dlink.com/security-advisories/>
https://advancedpersistentsecurity.net/cve-2018-10641/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10641



Joe Gray


Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    1 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close