On April 9, 2018, D-Link was notified by CERT/CC that cloud security solutions provider Akamai had disclosed (report available here) a large number of devices from many manufacturers are potentially vulnerable to UPnP NAT injection. 


The report cited the following D-Link devices may possibly be subject to this vulnerability: 


United States (US) Products: 


DIR-601          Revision A, B, C, E, I

DIR-615          Revisions A, B

DIR-825          Revision A, B, C


Verizon DSL-2750B :: Sticker on base of Unit Verizon Part # DLDSL2750B   Not Affected :: UPnP is disabled on this model

 


Non-US Products:


DIR-620

DSL-2652BU

DSL-2750B revision E

DSL-2750E

DVG-2102S

DVG-5004S

RG-DLINK-WBR2300

DVG-N5402SP


The reported UPnP vulnerability appears to be an industry-wide issue. While our investigation is still ongoing, users may opt for disabling the UPnP services on the device.

블로그 이미지

Ryansecurity Ryansecurity

Life is fun security story

펌웨어 버전: 10.03.2

◾ 배포 제품: 
   11AC 기가비트 제품: 
       ipTIME A8004NS-M/A8NS-M/A6004NS-M/A6NS-M/A3004NS-M/A3004NS-Dual/A3004-Dual/A3003NS/A1004NS/A1004/A1004V
   11AC 100Mbps 제품: 
       ipTIME A604M/A604-V3/A3/RingAP/A104/A104NS
   11N 제품: 
       ipTIME N604Black/N104Black/N604T/N604Tplus

◾ 펌웨어 상태: 정식 버전

◾ 변경 사항 : 
     1. 게이밍VPN(미꾸라지) 지원 - A8004NS-M/A8NS-M/A6004NS-M/A6NS-M/A3004NS-M
     2. 밴드 스티어링 지원 - A8004NS-M/A8NS-M/A6004NS-M/A6NS-M/A3004NS-M
     3. KRACK 호환성 패치(전제품) 
     4. USB 성능 업그레이드(일부제품)
블로그 이미지

Ryansecurity Ryansecurity

Life is fun security story

Security researchers have warned that a new botnet called Reaper has been actively attempting to target unpatched IoT devices that could be vulnerable to attack. D-Link had previously resolved the alleged security issue by releasing firmware patches for DIR-850L, DIR-300, and DIR-600 routers. We urge users to immediately go to their local D-Link support site to update their devices with the latest firmware. 

 

The IoT_Reaper vulnerabilities affect the following products and firmware:

 

DIR-850L  H/W Rev.A1  Firmware Version : 1.14 or earlier version

DIR-850L  H/W Rev.B1  Firmware Version : 2.09 or earlier version 

DIR-300   H/W Rev.Bx  Firmware Version : 2.13 or earlier version

DIR-600   H/W Rev.Bx  Firmware-Version : 2.14 or earlier version

 

Firmware fixes are currently available for the following affected products:

 

DIR-850L    H/W Rev.A1  Requires Security Patch   1.20B03 Beta 

DIR-850L    H/W Rev.B1  Requires Security Patch   2.20B03

DIR-300**   H/W Rev.Bx  Requires Firmware Version 2.14WWB04

DIR-600**   H/W Rev.Bx  Requires Firmware Version 2.18WWB01

 

         **Please note this product is not sold or supported  in the US Region by D-Link (D-Link Systems, Inc./D-Link US/DUS)

 

 

We appreciate and value having security concerns brought to our attention. D-Link (D-Link Systems, Inc.) constantly monitors for both known and unknown threats.

블로그 이미지

Ryansecurity Ryansecurity

Life is fun security story

On October 16th, researchers disclosed security vulnerabilities in the widely used standard for Wi-Fi security WPA2 (Wi-Fi Protected Access II) that make it possible for attackers to eavesdrop on Wi-Fi traffic. D-Link has immediately taken actions to investigate this matter. This security concern appears to be an industry-wide issue that will require firmware patches to be provided from the relevant semiconductor chipset manufacturers.

 

D-Link has requested assistance from the chipset manufacturers. As soon as the firmware patches are received from the chipset manufacturers, we will post them on our websites immediately. Please take the following important actions to help protect your privacy:

 

1. Is highly recommended to use encrypted communications protocols such as VPN or HTTPS, especially when delivering confidential information.

2. Check our website regularly for the newest firmware updates.

 

[Update 10/23/17 for products sold in US]

 

Associated CVE IDs for CERT/CC VU number: VU#228519

CVE-2017-13077

CVE-2017-13078

CVE-2017-13079

CVE-2017-13080

CVE-2017-13081

CVE-2017-13082


The WPA2 protocol is ubiquitous in wireless networking. The vulnerabilities described are in the standard requiring a broad product-line and industry correction. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific product, check the table. Note that the table list below is not exhaustive, and we recommend to check back frequently over the next 30 days.


These WPA-2 vulnerabilities affect the following (US products):

 

mydlink Cameras:

 

Model Ver. Patch Release Final Release

DCS-2132L A1  

DCS-2132L B1  

DCS-2136L A1  

DCS-2230L A1  

DCS-2330L A1  

DCS-2332L A1  

DCS-2530L A2  

DCS-2630L A2  

DCS-2670L A1  

DCS-5009L A1  

DCS-5010L A1  

DCS-5020L A1  

DCS-5029L A2  

DCS-5030L A1  

DCS-5222L A3  

DCS-5222L B2  

DCS-700L A1  

DCS-8000LH A1  

DCS-800L A1  

DCS-8200LH A1  

DCS-820L A1  

DCS-825L A1  

DCS-850L A1  

DCS-855L A1  

DCS-930L A3  

DCS-930L B2  

DCS-931L A1  

DCS-932L A1  

DCS-932L B2  

DCS-933L A1  

DCS-935L A1  

DCS-936L A1  

DCS-942L A3  

DCS-942L B1  

DCS-960L A1  

DSH-C310 A1  

 

COVR WiFi System:

 

Model Ver. Patch Release Final Release

COVR-3902-US A1  

COVR-1300E A1  

 

W-Fi Routers :

 

Model Ver. Patch Release Final Release

DIR-813 A1  

DIR-816 A1/A2 11/14/17  

DIR-827 A1  

DIR-850L A1  

DIR-850L A1 11/22/17  

DIR-850L B1 11/30/17  

DIR-850L B1 11/02/17  

DIR-859 A3  

DIR-859 A3  

DIR-865L A1  

DIR-865L A1  

DIR-867 A1  

DIR-868L A1  

DIR-868L A1 11/09/17  

DIR-869 A1  

DIR-878 A1  

DIR-878 A1  

DIR-879 A1  

DIR-880L A1 11/17/17  

DIR-880L A1/A2  

DIR-880L A2 12/21/17  

DIR-882 A1  

DIR-882 A1  

DIR-885L A1 12/05/17  

DIR-885L A2  

DIR-895L A1 11/27/17  

DIR-895L A1 12/13/17  

DIR-895L A2  

DIR-895L A3  

 

 

WiFi Range Extenders:

 

Model Ver. Patch Release Final Release

DAP-1320 A1 11/27/17  

DAP-1320 B1 11/27/17  

DAP-1320 C1 11/14/17  

DAP-1330 A1  

DAP-1360 A1 11/21/17  

DAP-1360 C2  

DAP-1520 A1 11/17/17  

DAP-1620 A1/A2 11/16/17  

DAP-1650 A1/A2 12/18/17  

DAP-1665 A1/A2  

DAP-1665 B1 01/09/18  

DAP-1720 A1 12/08/17  

DAP-1860 A1 11/10/17  

DAP-2330 Ax 12/11/17 Jan-18

DAP-2360 Bx 11/23/17 Dec-17

DAP-2553 Bx 12/27/17 Jan-18

DAP-2610 Ax 11/20/17 Dec-17

DAP-2660 Ax 11/13/17 Dec-17

DAP-2690 Bx 01/03/18 Feb-17

DAP-2695 Ax 12/06/17 Jan-18

DAP-3320 Ax 12/19/17 Jan-18

DAP-3662 Ax 12/14/17 Jan-18

 

Unified Wireless System Access Points

 

     Important Note for Owners:

 

      In default configuration the unified wireless system products are NOT AFFECTED.

     ONLY If the Wireless Distribution System (WDS) feature is ENABLED will make this ecosystem vulnerable and Affected.

 

     Recommendation: We recommend to disable WDS until patches are made available.

 

Model Ver. Patch Release Final Release Notes

DWL-3610AP A1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-6610AP A1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-6610AP B1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-6610APE B1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-8610AP Ax Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-8710AP A1 Not Affected if WDS Disabled / Affected if WDS Enabled

 

 

WiFi Adapters:

 

Model Ver. Patch Release Final Release

DWA-125 D1 11/30/17  

DWA-130 F1 11/28/17  

DWA-131 E1  

DWA-140 D1 11/28/17  

DWA-160 C1  

DWA-171 A1 11/24/17  

DWA-182 C1 11/24/17  

DWA-182 D1 11/30/17  

 

Mobile / WLAN Routers:

 

Model Ver. Patch Release Final Release

DIR-506L A1  

 

Power-Line Networking:

 

Model Ver. Patch Release Final Release

DHP-W310AV C1 11/28/17 Dec-17

DHP-W610AV A1 12/15/17 Dec-17

DHP-W610AV B1 11/10/17 Nov-17

 

Smart Home Products:

 

Model Ver. Patch Release Final Release

DSP-W215 A2 11/27/17  

 

DSL Gateway

Model Ver. Patch Release Final Release Notes

DSL-2750B T1/T2 Not Affected

DSL-2750B-SG T1 Not Affected

DSL-2750B-US T1 Not Affected

블로그 이미지

Ryansecurity Ryansecurity

Life is fun security story

□ 개요

 o 최근 MS오피스 DDE 기능을 이용한 악성코드 유포 사례(악성 이메일 발송)가 확인되고 있어 이용자의 주의를 당부함

    ※ DDE(Dynamic Data Exchange) : MS 오피스 프로그램에 내장된 정상기능으로 프로그램 간 데이터를 공유하기 위해 사용

 

□ 악성코드 유포 사례

 o 악성문서 첨부 된 이메일 유포

1

 o 악성 첨부파일 열람 시 아래 메시지가 발생

2
3
  - '예(Y)'를 선택하면 악성코드 감염

□ 유의 및 조치사항

 o (보안담당자) 첨부 파일이 포함된 메일에 대한 검사 강화

 o (이용자) 출처가 불분명한 메일은 삭제 또는 스팸처리, 118사이버민원센터로 신고하고 MS 오피스의 DDE 기능 불필요 시

    해제 및 사용 주의

  - 해제 방법(Office word 2013 기준)

     ①MS워드 실행 → ②메뉴에서 파일 선택 → ③옵션 → ④고급 → ⑤일반 → ⑥'문서를 열 때 자동 연결 업데이트' 체크 해제

4


블로그 이미지

Ryansecurity Ryansecurity

Life is fun security story

티스토리 툴바