Thousands of D-Link Wireless Devices Exposed to Hacking
A serious security flaw has been found in D-Link networked devices, leaving users open to attack. The vulnerability was discovered around a month ago by the Senrio Research team using the Shodan search engine. It is estimated that 414,949 D-Link products, including IoT Devices and cameras, are subject to easy hacking. The research firm says that the vulnerability is found in the latest firmware update provided for the D-Link DCS-930L cloud camera.This security breach provides attackers with the ability to overwrite administrative passwords and reconfigure settings to their liking, leaving users vulnerable to spying. As a matter of fact, it only takes one line of code to override the system.
“The vulnerable function copies data from an incoming string to a stack buffer, overwriting the return address of the function,” says Senrio, “This vulnerability can be exploited with a single command which contains custom assembly code and a string crafted to exercise the overflow. The function first copies the assembly code to a hard-set, executable, address. Next, the command triggers the stack overflow and sets the value of the function’s return address to the address of the attacker’s assembly code.”
The flaw in the devices is known as a stack overflow, which is essentially when a computer program tries to use more memory than the call stack has available. In these D-Link cameras, the stack overflow is occurring in a firmware service known as the DCP which processes commands. A hacker can trigger the stack overflow by entering specially designed commands and then enter malicious code into the system.
D-Link said that they will be providing a patch soon and recommended that older D-Link models be pulled from the internet altogether or that the owners of the devices accept the possibility of a security breach.