Security News D-Link DWR-932 B owner? Trash it, says security bug-hunter

Solarquest

More than 20 vulns in SOHOpeless LTE gateway

If you've got a D-Link DWR-932 B LTE router, you might want to fire it into the sun – or hope that a firmware upgrade lands soon.

Following the consumer broadband industry's consistently lackadaisical attitude to security, the device suffers from everything from backdoor accounts to default credentials, leaky credentials, firmware upgrade vulns and insecure UPnP.

Pierre Kim outlines the litany of SOHOpelessness here, noting that many of the vulns are inherited from the Quanta LTE device that forms the basis of the badge-engineered marvel.

The messes Kim found include:
  • SSH and the telnet daemon are enabled by default, with two backdoor accounts (admin:admin, and root:1234);
  • If an attacker sends a crafted UDP string to the appmgr program, it will launch telnetd;
  • The Wi-Fi Protected Setup (WPS) has a hard-coded PIN (28296607);
  • Should a user decide to generate a different temporary WPS PIN, Kim writes, it's a weak PIN because it's based on srand(time(0));
  • The HTTP daemon, qmiweb, is a horror that inherits five vulnerabilities from the Quanta device;
  • Its remote firmware over-the-air update mechanism uses hardcoded credentials (qdpc:qdpc, qdpe:qdpe and qdp:qdp); and
  • For the full set of steak knives: the UPnP configuration allows any user on the LAN to add their own port forwarding rules.

There's more, but the killer Kim points out is that the router has a big processor and lots of memory, and is so badly secured it would be trivial to recruit it into a botnet.

Kim says he contacted D-Link in June, and with no update forthcoming, he says he obtained CERT's advice to publish the vulns. ®


20 vulns??? Really? No update yet? ...simply a shame!
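Added example, not code from the article, the advisory or the firmware: why a WPS PIN seeded with srand(time(0)) is weak, next to a PIN drawn from the kernel CSPRNG. The article only states that the PIN is "based on srand(time(0))"; the `rand() % 10000000` derivation and all function names here are assumptions, while the checksum digit is the standard WPS one.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

/* WPS checksum digit over the 7 leading PIN digits (standard WPS algorithm). */
unsigned wps_checksum(unsigned pin7) {
    unsigned acc = 0;
    while (pin7) {
        acc += 3 * (pin7 % 10); pin7 /= 10;
        acc += pin7 % 10;       pin7 /= 10;
    }
    return (10 - acc % 10) % 10;
}

int wps_pin_valid(unsigned pin8) {
    return pin8 < 100000000u && wps_checksum(pin8 / 10) == pin8 % 10;
}

/* WEAK (assumed derivation): the PIN is a pure function of the clock value,
 * so its only secret is the second in which it was generated. */
unsigned weak_pin(time_t when) {
    srand((unsigned)when);
    unsigned pin7 = (unsigned)rand() % 10000000u;
    return pin7 * 10 + wps_checksum(pin7);
}

/* HARDENED: draw from the kernel CSPRNG, rejecting values that would bias the modulo. */
int strong_pin(unsigned *out) {
    const uint32_t bound = 10000000u, limit = (UINT32_MAX / bound) * bound;
    uint32_t r;
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    do {
        if (fread(&r, sizeof r, 1, f) != 1) { fclose(f); return -1; }
    } while (r >= limit);
    fclose(f);
    *out = (r % bound) * 10 + wps_checksum(r % bound);
    return 0;
}

int main(void) {
    time_t now = time(NULL);
    unsigned s;
    printf("weak, twice for the same second: %08u %08u\n", weak_pin(now), weak_pin(now));
    if (strong_pin(&s) == 0) printf("CSPRNG-derived PIN: %08u\n", s);
    return 0;
}
```

With the time-seeded version, the number of possible PINs is bounded by the number of seconds in the window in which the PIN could have been generated, not by the 10^7 values the format allows.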
 
