A South Korean security researcher (Pierre Kim) has published the details of several vulnerabilities in the firmware of D-Link DIR 850L routers. He decided to publish the details on the internet without providing D-Link chance to release patches because of the way the company managed fixing and coordination for earlier reported issues.
The vulnerabilities can be exploited from both the router’s local area network (LAN) and external (WAN) connections to give the attackers the ability to intercept traffic, upload malicious firmware, or root the whole device.
According to the researcher:
“The Dlink 850L is a router overall badly designed with a lot of vulnerabilities.
Basically, everything was pwned, from the LAN to the WAN. Even the custom MyDlink cloud protocol was abused.
My research in analyzing the security of Dlink 850L routers starts from a recent security contest organized by a security company.
The Dlink 850L has 2 versions of these routers with very slight hardware modifications.
The contest targeted the first version (revisionA) but I (unfortunately) received the wrong version, revisionB (thank you Amazon!), which was not eligible for the contest.”
The researcher also found vulnerabilities in the MyDLink cloud service, which allows users to access their D-Link devices from anywhere over the Internet.