• November 01, 2024, 03:32:20 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Security Update: Authentication Bypass Vulnerabilities - Dlink 1510 Switch Serie  (Read 5438 times)

varangamin

  • Level 1 Member
  • *
  • Posts: 1
Security Update: Authentication Bypass Vulnerabilities - Dlink 1510 Switch Serie
« on: February 22, 2017, 10:19:25 AM »
Authentication Bypass Vulnerabilities - Dlink 1510 Switch Series

Disclosed by Aditya K Sood and Varang Amin (Independent Security Researchers)

Drink switches are ****e to authentication bypass vulnerabilities which allow the remote users to perform unauthorized operations on the switches thereby resulting in complete control of the switch.

With the authentication bypass, it is possible to:

  • execute remote commands on the switch such as becoming administrator.
    extract information from the switch such as configuration and others.

Dlink has released a patch here: http://forums.dlink.com/index.php?topic=66410.0

We also want to highlight that DLink security team worked collaboratively with us to fix the issue within a month including re-testing and releasing the firmware update. The DLink team was very active in communicating with the researchers. In addition, they created a testing environment with the new fixes for us to test the updated firmware.

If you have any specific questions, feel free to let us know.

Thanks
« Last Edit: February 23, 2017, 09:41:02 AM by FurryNutz »
Logged