Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[jclarkw]

Apparently there is/was a serious security vulnerability in the DIR-645 whereby a remote hacker could gain administrator access to the router's web-administration interface -- see "http://seclists.org/bugtraq/2013/Feb/150".  After several searches of this forum, I was surprised to find no discussion of this whatsoever.

Did I miss something?

Does firmware revision 1.03 indeed remove this vulnerability?

Are there any other know vulnerabilities of this router?

Any first-hand information would be appreciated. -- jclarkw

[FurryNutz]

I don't know if that site and the use of the (<) is referring to versions 1.03 or less or anything lower than v1.03. I presume it's referring to anything v1.03 and lower. Looking at when v1.03 was released and when this report was posted, I don't think v1.03 has any fixes for this version.

Please phone contact your local regional DLink support office and inquire about this issue. Ask for level 3 or higher support.


Good Luck.

[jclarkw]

I don't know if that site and the use of the (<) is referring to versions 1.03 or less or anything lower than v1.03...

Please phone contact your local regional DLink support office and inquire about this issue. Ask for level 3 or higher support.

The link given above also says, "D-Link has released an updated firmware version (1.03) that addresses this
issue."  Nevertheless, one would like to hear it from D-Link, which apparently has not warned its customers to upgrade, or from some user who has demonstrated that it's actually fixed.

After waiting 20 min on the phone, however, I got an Indian lady who didn't seem to know what I was talking about, went off to" research the issue," and eventually hung up on me.  (I forgot your admonition about getting a third-level tech.)  Not off to a great start with D-Link! -- jclarkw

[FurryNutz]

I would try to call back once more and ask for level 3 tier support.

What is currently loaded on your 645 right now?
Also, what region are you located?

I'll attempt to verify the fix on my 645 loaded with v1.03 after work. I'm located in NA region.

[jclarkw]

What is currently loaded on your 645 right now?
Also, what region are you located?

Well, I haven't opened the box yet, in case I might want to return it; but I could easily flash the 1.03 firmware if were known to fix the issue.

I'm in the east-central US, if that answers your question.

I appreciate your looking into this for us (I presume I'm not alone)! -- jclarkw

[FurryNutz]

I ran the the 4 commands in Mac OSX 10.7.5 on my DIR-645 loaded with v1.03:
1.
<?xml version="1.0" encoding="utf-8"?>
<postxml>
   <result>FAILED</result>
   <message>Not authorized</message>
</postxml>

2.
Results in nothing returned. I presumed if it had returned with results of something then this would fail.

3.
<?xml version="1.0"?>
<ddns4>
Authenication fail</ddns4>

4.
Authentication Fail. Please Login First!

I think if you load v1.03 using the following process, you'll be good to go:
FW Update Process

[jclarkw]

I ran the the 4 commands in Mac OSX 10.7.5 on my DIR-645 loaded with v1.03:
...
I think if you load v1.03 using the following process, you'll be good to go:

Thanks VERY much for verifying this.

This morning I was eventually able to reach a level-3 tech who, after several long holds, confirmed that firmware 1.03 finally eliminates this serious vulnerability.  I pointed out that it would help everyone if (1) D-Link warned users to update firmware because of the vulnerability and (2) Listed the problem as resolved in the release notes of the firmware update.  Thanks again! -- jclarkw

[FurryNutz]

Thank you for sharing your CS information.

Enjoy the router now.