Research

  1. Trusted Managed Security Provider | Solutionary
  2. Research
  3. Vulnerability Disclosures
  4. D-Link DIR-601 TFTP Directory Traversal Vulnerability

D-Link DIR-601 TFTP Directory Traversal Vulnerability

Solutionary ID: SERT-VDN-1013
CVE ID: CVE-2011-4821
Product: D-Link DIR-601 Wireless N 150 Home Router
Application Vendor: D-Link
Vendor URL: http://www.dlink.com
Date discovered: 12/05/2011
Discovered by: Rob Kraus and Solutionary Engineering Research Team (SERT)
Vendor notification date: 12/05/2011
Vendor response date: No Response
Vendor acknowledgment date: No Response

Public disclosure date: 01/20/2012

Type of vulnerability: Directory Traversal - Arbitrary File Access - Read Only Access

Exploit Vectors: Local and Remote

Vulnerability Description: Default installation of the DIR-601 Wireless N 150 Home Router is susceptible to directory traversal attack. A attacker can exploit this vulnerability to retrieve files outside of the TFTP server root directory. The attack is performed against the TFTP server listening on the WAN interface and does not require prior authentication. At this time it appears the vulnerability allows read-only access to files.

Tested on: D-LINK 601 - Attacked using linux platform

Affected software versions: Firmware Version 1.02NA

Impact: A remote attacker may be able to leverage this vulnerability to gain access to system and other configuration files resulting in loss of confidentiality.

Fixed in: Not Fixed

Remediation guidelines: Disable TFTP server access and update the system should a patch become available from the vendor.
Newsletter Sign-up Contact Sales Request Demo

Risk Level: 7.8

(CVSS version 2)

 

High Risk

www.solutionary.com - 866-333-2133