search menu icon-carat-right cmu-wordmark

CERT Coordination Center

D-Link DAP-1320 Rev Ax is vulnerable to a command injection

Vulnerability Note VU#184100

Original Release Date: 2015-03-16 | Last Revised: 2015-03-16

Overview

The D-Link DAP-1320 Rev Ax firmware update mechanism contains a command injection vulnerability.

Description

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

A remote unauthenticated attacker may execute commands on the device by taking advantage of the firmware update mechanism. This attack does require interception and manipulation of network communications using commonly available tools.

The D-Link DAP-1320 Rev Ax firmware version 1.11 (released 22 Dec 2013) has been shown to be vulnerable. Other firmware versions prior to version 1.21b05 may also be vulnerable.

Impact

A remote unauthenticated attacker may execute commands on the device by taking advantage of the firmware update mechanism.

Solution

Update the firmware

According to D-Link's security advisory, users should update the firmware of affected devices to version 1.21b05.

Vendor Information

184100
 
Affected   Unknown   Unaffected

D-Link Systems, Inc.

Updated:  March 13, 2015

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

A firmware update is available from the vendor.

Vendor References


CVSS Metrics

Group Score Vector
Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal 7.8 E:POC/RL:OF/RC:C
Environmental 5.9 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Mike Baucom, Allen Harper, and J. Rach of Tangible Security for discovering and reporting this vulnerability. Tangible Security would also like to publically thank D-Link for their cooperation and desire to make their products and customers more secure.

This document was written by Garret Wassermann.

Other Information

CVE IDs: CVE-2015-2050
Date Public: 2015-03-13
Date First Published: 2015-03-16
Date Last Updated: 2015-03-16 17:02 UTC
Document Revision: 17

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.