D-Link WiFi Extender contains vulnerabilities that are vulnerable to malicious attacks
D-Link DAP-X1860 WiFi 6, one of the most commonly used WiFi Extender models on the market today, is said to contain serious vulnerabilities, making them vulnerable to DoS (denial of service) attacks. service) and remote command injection. The product is still widely available for sale by D-Link and has thousands of reviews on Amazon.
WiFi Extender is a type of WiFi booster that extends your main router's internet signal to another location. It connects to the home network via Ethernet or coaxial cable. Essentially, WiFi Extenders work on the model of adding another router to any WiFi 'dead zones' or areas in your home that don't receive an internet signal.
With the identifier CVE-2023-45208, this vulnerability was first discovered by a group of security researchers from the RedTeam team. They tried to warn D-Link many times, but the company remained silent and no fix has been released as of now.
The problem lies in the network scanning function of the D-Link DAP-X1860. Specifically, the device is not capable of parsing SSIDs that contain a check mark (') in the name, misinterpreting it as the end of a command.
Technically, the problem stems from the 'parsing_xml_stasurvey' function in the libcgifunc.so library, which contains a system command to execute.
However, because the product lacks an SSID scanning feature, attackers can easily abuse this for malicious purposes. Within the scope of the extender, it is possible for a hacker to set up a WiFi network and give it the same phishing name that the victim usually uses, but include a check mark in the name, such as 'TipsMake's Network,'. When the device tries to connect to that SSID, this action will generate the error "Error 500: Internal Server Error".
If an attacker adds a second part to the SSID containing a shell command separated by "&&" like "Test' && uname -a &&", the extender will be tricked into executing the 'uname -a' command when setting Network setup/scanning.
All processes on the extender, including any commands injected by an external threat actor, run as root, potentially allowing an attacker to probe other devices connected to the extender expand and continue to infiltrate their network.
The most difficult prerequisite for the attack is forcing a network scan on the target device, but this can be overcome by performing a deauthentication attack.
Several available software tools can generate and send authentication packets to the extender, causing it to disconnect from the main network and forcing the target to perform a network scan.
RedTeam researchers discovered this vulnerability in May 2023 and reported it to D-Link. But so far, the group has not received any response. This means that the D-Link DAP-X1860 is currently still vulnerable, and the relatively simple exploit mechanism makes the situation dangerous.
Owners of the D-Link DAP-X1860 extender should limit manual network scanning, handle suspicious disconnections, and turn off the extender when not in regular use.
Additionally, consider installing IoT devices and range extenders on a separate network, especially for sensitive devices containing personal or work data.
You should read it
- Israel launches the world's first cybersecurity network
- Awareness and experience - the most important factor in every network security process
- Guidelines for securing computer network systems
- [Infographic] 5G network security: What service providers need to know
- What is Network TAP? How does it help secure the system?
- Alarming statistics on the situation of network security in our country in the first half of 2019
- Network security challenges in 2014
- Multiple choice questions about network security implementation have P2 answers
May be interested
- How to change the TP-Link wifi password?in the previous posts, tipsmake.com showed you how to change linksys wifi password and tenda. today, we will share with you how to change the wifi password of tp-link, also a very popular router in vietnam market. please consult.
- Summary of popular network attacks todayfor attacks by exploiting vulnerabilities, hackers must be aware of security issues on the operating system or software and take advantage of this knowledge to exploit vulnerabilities.
- How to create and add TP-Link ID to TP-Link WiFi 6 routertp-link id is a cloud-based account that you can use on all tp-link wifi 6 routers, wifi mesh systems and smart home devices.
- WordPress plugins with more than 300,000 pages that use vulnerabilities are vulnerable to SQL Injection attacksthe sql injection attack capability was found on one of wordpress's most popular plugins, currently installed on more than 300,000 websites. hackers can exploit to steal databases and hijack remote sites.
- How to identify a link is safe?today malicious links appear more and more and are shared through social networks at a dizzying pace. just click on a malicious link that can bring you potential dangers.
- Discovering more vulnerabilities makes Bluetooth devices vulnerable to malicious attacksbut besides the convenience, this connectivity technology has unintentionally increased data security and privacy issues on an individual level.
- Millions of Macs have been updated and can still be hacked via the EFI firmwarebut even if you tried to update all the software for your device, it is still possible that your computer is outdated and vulnerable.
- Microsoft patched a critical vulnerability in Windowsyesterday microsoft patched three vulnerabilities in windows, one of which could be exploited by attacks that trick users into accessing malicious websites.
- How to set up TP-LINK WIFIthe following article i will guide you how to install tp-link wifi modem, other types of modems you can install similarly
- How to change Wifi password, change wifi pass VNPT, FPT, Tenda, TP-Link, Viettel on computer, phonechanging this wifi password will make it easier to change wifi passwords, increase wifi security. here is a summary of how to change wifi pass for the most popular modems, such as: fpt, tenda, tp-link, viettel, please refer.