
Topic: DIR-825 B1 Firmware Version: 2.07NA wide open to outside UpNp exploit.

ThatOtherGuy

  • Level 1 Member
  • *
  • Posts: 5

Writing this hoping to see how DLink intends to respond to this very large hole. As someone who works in security, this is 2-week-old news to me, but it is probably new to everyone else "Hopefully not dlink devs".

So the DIR 825, along with millions of other routers, is vulnerable to an outside upnp exploit, which basically means somebody from outside can root your router and, for example, open up whatever ports they want.

Upnp has its own issues, but it is useful for those who don't want to open up a port every time some app might need a specific port. It was never meant to be accessible from outside your network, until now.

This is not some bizarre proof of concept or something that is even hard to pull off, and what it would give is access to your entire private network and everything that might entail.

You can test if your router is vulnerable at this link. It's owned by Steve Gibson. Many of you probably know of him; he is somewhat of a celebrity in the security world. There is a upnp exposure test you can do right off the main page. It also explains what's happening and even shows you the code being used. Quite fascinating, actually.

http://www.grc.com/default.htm
Sorry to have to link to a site, but it's the only way it can be demonstrated and tested in a manner in which anyone can verify for themselves and understand.


One useful note: an older FW version, 2.03NA, was not vulnerable, but 2.02NA was, and so is the new 2.07NA one I have sitting next to me. I was hoping the latest FW revision would have this addressed, seeing as 2.03 did not have this issue, but unfortunately this is not the case.

I won't get much more into it than this 'cause there is more info and details on the link I posted, but I, and I am sure Steve, will be interested in seeing how you intend to respond to this, as well as all the other router manufacturers.

For the moment I have told everyone I know with vulnerable routers to simply turn off upnp which does solve the problem and instead to forward the ports as needed until this gets fixed or they buy a new one that is not vulnerable.




« Last Edit: February 15, 2013, 03:40:30 AM by ThatOtherGuy »

FurryNutz

  • Poweruser
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DIR-825 B1 Firmware Version: 2.07NA wide open to outside UpNp exploit.
« Reply #1 on: February 15, 2013, 07:40:41 AM »

Yes it has been reported:
http://forums.dlink.com/index.php?topic=52420.0

Have you been in contact with DLink in regards to this? The best way to let them know would be to phone contact them about it.

I'm sure they would be working on reviewing the information about it.
It takes time once, I presume, that if it needs to be fixed, for it to be fixed, tested and then released to the public.

Let us know what they say. Thanks for sharing.
« Last Edit: February 15, 2013, 08:03:49 AM by FurryNutz »
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

ThatOtherGuy

Re: DIR-825 B1 Firmware Version: 2.07NA wide open to outside UpNp exploit.
« Reply #2 on: February 15, 2013, 12:35:47 PM »

My track record with the "Contact Us" feature of most companies is pretty bad, so I didn't bother. I also thought about calling but figured whoever would answer wouldn't know what I was talking about. Figured I would simply wait and see, but now it's been a few weeks, so thought it worth a mention.

Good, however, somebody else reported it and hopefully this gets fixed.

FurryNutz

Re: DIR-825 B1 Firmware Version: 2.07NA wide open to outside UpNp exploit.
« Reply #3 on: February 15, 2013, 12:40:26 PM »

We always recommend phone contact with DLink and then asking for Level 2 or higher support for issues like this.

Hope it will be resolved. If you do seem to experience issues due to this condition, you can always disable uPnP, I believe. Or again, phone contact DLink support and get some immediate help. I think sometimes if the problem is critical, there usually is a short turnaround time before they will privately send you a fix via email while they complete testing and get it released to the public.

« Last Edit: February 15, 2013, 12:49:11 PM by FurryNutz »

ThatOtherGuy


Well like I said upnp is off. The only "Fix" they can do is a firmware update to the router and I doubt calling them will make that happen any faster.

FurryNutz


You won't know that until you try. If not, guess everyone will have to be patient to see if DLink reviews this and comes out with a fix if they deem it necessary. Time will tell.

ThatOtherGuy


You must be somewhat unaware of how severe this flaw is. If they deem this not worthy to fix or take months to do so, I would have to deem them a company that doesn't even care about their customers' security.

The problem has already been known for a month now and a fix should be pushed asap, and if a fix is not possible via FW they should be upfront about it and just say so.

FYI, the DIR-825 is not the only DLink router with the issue; many of them have it. They should be making this a priority before people start reporting them to consumer watchdogs for selling faulty products.

« Last Edit: March 01, 2013, 04:37:02 PM by ThatOtherGuy »

FurryNutz


If you're concerned about your router and the security issues of it regarding this exploit, then you'll need to phone contact DLink support and talk to someone about it. This issue is beyond any means of resolving here in the forums by anyone. It will be up to DLink to review the information and go from there. If people choose not to phone in, then everyone needs to be patient and see what Dlink does to resolve this issue. Again, if you're highly concerned about the security issue, call DLink and talk to someone and get some information for your peace of mind.

Until we hear back about this issue, this thread is closed until someone has more information.

Good Luck.