D-Link Hardens Firmware For Wireless Bug

firmware buffer

After eEye Digital Security publicly reported the vulnerability last month, D-Link released firmware updates for 10 wireless routers but said that four of the updates were beta firmware intended "for testing purposes only."

A D-Link spokesperson on Wednesday said that by the end of the week, final versions of the firmware will be available for the four routers: the DI-524 Rev A, DI-524 Rev D1, WBR-1310 Rev A and WBR-2310 Rev A models.

Though beta firmware may or may not be stable from a quality-assurance testing standpoint, D-Link likely has been trying to balance that uncertainty against the need to protect customers from a potential exploit, said Ross Brown, COO at eEye Digital Security, Alisa Viejo, Calif.

The vulnerability affects the LAN interface of the D-Link routers and could be exploited by an attacker sending an excessively long M-search string to a device and triggering a stack-based buffer overflow, eEye said in last month's advisory. M-search commands are sent by devices attempting to connect to Universal Plug and Play (UPnP) networks to find other devices on the network.

Sponsored post

A successful exploit could allow an attacker to execute arbitrary code, apply modified firmware and possibly compromise the entire network, according to eEye.

To exploit the flaw, attackers would have to get on a local network by breaking encryption on the wireless router or plug directly into the network. "If they have your administrator password, they can pass packets that can cause routers to reboot," the D-Link spokesperson said.

Vulnerabilities in firmware have been rare, but they're becoming more common as vendors add more sophisticated functionality such as Web services and interfaces, according to Brown.

"With firmware, you're really creating a software product encoded on a chip. And the more functionality firmware has, the more the potential for vulnerabilities," he said.