Vulnerability26/2018
It is possible to bypass the WPA authentication of the D-Link DIR-850L wlan router. An attacker can join the network without the required credentials.
The D-Link DIR-850 wlan router will communicate to client that have not completed full a WPA handshake. The client can communicate with the router with IP packets on Data Frames without encryption. An attacker can join the network provided by the affected router without the required credentials, and mount further attacks to the users of the network.
Vulnerability coordination:
The vulnerability was found by Tuomo Untinen of Synopsys Finland. NCSC-FI would like to thank the finder and D-Link for participating in the coordination.
Target
- Embedded systems
Attack vector
- Remote
- No authentication required
Impact
- Security bypass
Remediation
- Software update patch
Subject of vulnerability
D-Link DIR-850L Rev. Ax Firmware v1.21B06 Beta and older
What is it about?
The has been fixed in Firmware v1.21b07.i9d9 release Sept. 14, 2018, which can be downloaded here:https://support.dlink.com/ProductInfo.aspx?m=DIR-850L (External link)
Contact Information
NCSC-FI Vulnerability Coordination can be contacted as follows:
Email: vulncoord@ficora.fi
Please quote the advisory reference [FICORA #1060226] in the subject line.
Telephone:
+358 295 390 230
Monday - Friday 08:00 – 16:15 (EET: UTC+3)
Post:
Vulnerability Coordination
FICORA / NCSC-FI
P.O. Box 313
FI-00561 Helsinki
FINLAND
NCSC-FI encourages those who wish to communicate via email to make use of our PGP key. The PGP key as well as the vulnerability coordination principles of NCSC-FI are available at:
What can I do?
Originally published 7.11.2018 time 16:39 Update on 07.11.2018 time 17:31 Added link to D-Link advisory