Share

Another HNAP flaw in D-Link routers


CERT recently issued an advisory about a flaw in D-Link routers, specifically, in the parsing of HNAP messages. The advisory warns that “A remote, unauthenticated attacker may be able to execute arbitrary code with root privileges.” That’s as bad as it gets. 

There is a list of D-Link routers known to be vulnerable (DIR-823, DIR-822, DIR-818L, DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L), but Pedro Ribeiro, of Agile Information Security, who found the flaw, warned that “there might be other affected devices.”

And, Marshall Honorof points out that “D-Link gives these models alternate names meant to sound sexier to consumers. For example, the DIR-895L is also known as the AC5300 Ultra Wi-Fi Router. You’ll want to Google the model name, check your router’s administrative login page, or just flip the physical device over to check for the model number.”

Administering a D-Link router

To put this in perspective, HNAP, or the Home Network Administration Protocol, is a network device management protocol dating back to 2007. Cisco, which took over the protocol from Pure Networks in 2008 wrote that



Source link

Leave a Comment