Authentication bypass in D-Link DIR-850L | Traficom

December 31, 2018 at 11:53

It is possible to bypass the WPA authentication of the D-Link DIR-850L WLAN router. An attacker can join the network without the required credentials.

The D-Link DIR-850L WLAN router will communicate with clients that have not completed a full WPA handshake. Such a client can exchange IP packets with the router in unencrypted Data Frames. An attacker can join the network provided by the affected router without the required credentials and mount further attacks against the users of the network.
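One way to check a capture of your own WPA network for the behaviour described above is to look for data frames exchanged with the router that have the Protected Frame bit clear and carry something other than the 802.1X (EAPOL) handshake. This is an added example, not part of the advisory; it assumes each frame starts at the 802.11 MAC header (radiotap and FCS already stripped), and the function names and sample frames are constructed for illustration.

```python
import struct

EAPOL = 0x888E                      # 802.1X handshake traffic is legitimately unprotected
SNAP = b"\xaa\xaa\x03\x00\x00\x00"  # LLC/SNAP prefix preceding the EtherType

def classify(frame, bssid):
    """Return (station, ethertype) for a cleartext non-EAPOL data frame exchanged with bssid, else None."""
    if len(frame) < 24:
        return None
    fc0, fc1 = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    # Skip non-data frames, null (no payload) subtypes, and frames with the Protected bit set.
    if ftype != 2 or subtype & 0x4 or fc1 & 0x40:
        return None
    to_ds, from_ds = fc1 & 0x01, fc1 & 0x02
    a1, a2 = frame[4:10], frame[10:16]
    if to_ds and not from_ds and a1 == bssid:
        station = a2                  # station -> AP
    elif from_ds and not to_ds and a2 == bssid:
        station = a1                  # AP -> station
    else:
        return None
    hdr = 24
    if subtype & 0x8:                 # QoS data: 2-byte QoS Control, plus HT Control if Order bit
        hdr += 2 + (4 if fc1 & 0x80 else 0)
    body = frame[hdr:hdr + 8]
    if len(body) < 8 or body[:6] != SNAP:
        return None
    ethertype = struct.unpack("!H", body[6:8])[0]
    return None if ethertype == EAPOL else (station.hex(":"), ethertype)

def audit(frames, bssid):
    """Map each station to the EtherTypes it exchanged in cleartext with bssid."""
    findings = {}
    for hit in filter(None, (classify(f, bssid) for f in frames)):
        findings.setdefault(hit[0], set()).add(hit[1])
    return findings

def sample_frame(fc1, a1, a2, ethertype, qos=False):  # constructed frame, not captured traffic
    hdr = bytes([0x88 if qos else 0x08, fc1, 0, 0]) + a1 + a2 + a1 + b"\x00\x00"
    return hdr + (b"\x00\x00" if qos else b"") + SNAP + struct.pack("!H", ethertype) + bytes(20)

AP, STA_OK, STA_BAD = (bytes.fromhex("02000000000" + n) for n in "123")
SAMPLE = [
    sample_frame(0x01, AP, STA_OK, EAPOL),              # handshake frame: allowed in cleartext
    sample_frame(0x41, AP, STA_OK, 0x0800),             # protected data: expected on WPA
    sample_frame(0x01, AP, STA_BAD, 0x0800),            # cleartext IPv4 to the AP: finding
    sample_frame(0x02, STA_BAD, AP, 0x0806, qos=True),  # cleartext ARP from the AP: finding
]
```

On a network configured for WPA, `audit(SAMPLE, AP)` returning any station at all means the access point is exchanging unencrypted traffic with it, which is the condition the fixed firmware is meant to remove.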

Vulnerability coordination:

The vulnerability was found by Tuomo Untinen of Synopsys Finland. NCSC-FI would like to thank the finder and D-Link for participating in the coordination.

Target of vulnerability

D-Link DIR-850L Rev. Ax Firmware v1.21B06 Beta and older

What is this about?

The vulnerability has been fixed in Firmware v1.21b07.i9d9, released Sept. 14, 2018, which can be downloaded here: https://support.dlink.com/ProductInfo.aspx?m=DIR-850L

Contact Information

NCSC-FI Vulnerability Coordination can be contacted as follows:

Email: vulncoord@ficora.fi

Please quote the advisory reference [FICORA #1060226] in the subject line.

Telephone:
+358 295 390 230
Monday - Friday 08:00 – 16:15 (EET: UTC+3)

Post:
Vulnerability Coordination
FICORA / NCSC-FI
P.O. Box 313
FI-00561 Helsinki
FINLAND

NCSC-FI encourages those who wish to communicate via email to make use of our PGP key. The PGP key as well as the vulnerability coordination principles of NCSC-FI are available at:

What can I do?

Embedded systems

An embedded system consists of a device and its software. A relatively large number of the devices used by consumers can be considered embedded systems. One example is a digital set-top box, which is needed for viewing digital TV broadcasts.

Remote

A remotely performed attack can be implemented via an information network connection or similar without accessing the targeted system.

No authentication required

The attack does not require logging into the targeted system. The opposite is an attack that requires the use of a user name and password and, for example, the execution of commands while logged into the system.

Security bypass

Security bypass means that by exploiting a vulnerability, the protection intended for restricting the use of the system is bypassed, for example, by directing traffic past the firewall to a protected network.

Software update patch

Normally, hardware or software manufacturers publish a new version or a partial update for the software or operating system soon after the vulnerability has become public. The update can be available at the same time as the vulnerability is published, but often the users have to wait for the update.


December 31, 2018 at 11:52

Originally published 7.11.2018 time 16:39

Update on 07.11.2018 time 17:31: Added link to D-Link advisory