----------------------------------------------------------------------

TITLE:
D-Link Router DI-524 HNAP Security Bypass Vulnerability

SECUNIA ADVISORY ID:
SA38214

VERIFY ADVISORY:
http://secunia.com/advisories/38214/

DESCRIPTION:
A vulnerability has been reported in the D-Link router DI-524, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused by the HNAP (Home Network Administration Protocol) implementation not properly restricting access to certain administrative functionality. This can be exploited by a normal user to e.g. set the administrator's password via a specially crafted HNAP request.

Successful exploitation requires valid user credentials.

The vulnerability is reported in DI-524 hardware version C1 with firmware version 3.23. Other models and firmware versions may also be affected.

SOLUTION:
Restrict access to trusted users only.

PROVIDED AND/OR DISCOVERED BY:
SourceSec DevTeam

ORIGINAL ADVISORY:
http://www.sourcesec.com/Lab/dlink_hnap_captcha.pdf

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
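The failure class described above (an HNAP handler that authenticates the caller but never checks the caller's role before running administrative actions) and the corresponding fix, as an added example that is not part of the advisory or of any D-Link firmware; the SOAP namespace, the action names and the request shape are assumptions modelled on HNAP1.

```python
# Added example, not from the advisory: a minimal HNAP-style SOAP dispatcher.
# enforce_roles=False reproduces the reported behaviour (any authenticated
# user reaches administrative actions); enforce_roles=True is the fix.
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

HNAP_NS = "http://purenetworks.com/HNAP1/"  # HNAP1 SOAP namespace (assumed)

# Configuration-changing actions must be limited to administrators.
ADMIN_ACTIONS = {"SetDeviceSettings", "SetRouterSettings", "Reboot"}
# Read-only actions that an ordinary authenticated user may call.
READ_ACTIONS = {"GetDeviceSettings", "GetRouterSettings"}


@dataclass
class Session:
    user: str
    is_admin: bool


def parse_soap_action(headers: Dict[str, str]) -> str:
    """Return the bare action name from a SOAPAction header value."""
    raw = headers.get("SOAPAction", "").strip().strip('"')
    if not raw.startswith(HNAP_NS):
        raise ValueError("not an HNAP action")
    return raw[len(HNAP_NS):]


def handle_hnap(headers: Dict[str, str], session: Optional[Session],
                enforce_roles: bool = True) -> Tuple[int, str]:
    """Dispatch one HNAP request; returns (HTTP status, message)."""
    if session is None:
        # Matches the advisory: valid credentials are required either way.
        return 401, "authentication required"
    action = parse_soap_action(headers)
    if action in ADMIN_ACTIONS:
        # The missing check: authentication alone is not authorization.
        if enforce_roles and not session.is_admin:
            return 403, f"{action} requires administrator role"
        return 200, f"{action} applied by {session.user}"
    if action in READ_ACTIONS:
        return 200, f"{action} ok"
    return 400, "unknown action"
```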