Support Announcement
DIR-882-US and DIR-825AC (non-US SKU) :: Cross-Router Covert Channels :: CVE-2019-13263 :: CVE-2019-13264 :: CVE-2019-13265 :: Exploiting Software-Based Router Network Isolation

Overview

 

 

 

 

On August 20, 2019, D-Link became aware of the public disclosure of research findings published in the paper "Cross-Router Covert Channels." This research was presented at the 13th USENIX Workshop on Offensive Technologies (WOOT '19) by researchers from Ben-Gurion University of the Negev.

 

 

 D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. 

 

 

Disclosure

 

 

CVE-2019-13263: DIR-825AC Rev. G1: Insufficient compartmentalization between a host network and a guest network (DHCP attack)

CVE-2019-13264: DIR-825AC Rev. G1: Insufficient compartmentalization between a host network and a guest network (IGMP attack)

CVE-2019-13265: DIR-825AC Rev. G1: Insufficient compartmentalization between a host network and a guest network (ARP attack)

 

 Affected Products

 

Update: DIR-825AC patch FW v1.0.4.

1. This FW patch does not have the Cross-Router Covert Channels IGMP Direct weakness but has other weaknesses. After R&D evaluation, these issues were qualified as low-threat and will not be addressed:

 

       a) Cross-Router Covert Channels-DHCP Direct: We cannot block DHCP completely. 

       b) Cross-Router Covert Channels-ARP Direct: It is not a critical threat to the security of devices.

 

 

| Model | HW Rev. | Region | Affected FW | Fixed FW | Recommendation Info | Last Update |
|---|---|---|---|---|---|---|
| DIR-825AC | All HW Rev Gx | Non-US | All Prior to Fix | v1.04Beta | Please download & Update | 03/06/2020 |
| DIR-882-US | All HW Rev Ax | US | All Prior to Fix | v1.30b06Beta | Please download & Update | 05/28/2020 |

 

Security patch for your D-Link Devices

 

This firmware update addresses the security vulnerability in affected D-Link devices. D-Link will update this continually, and we strongly recommend that all users install the relevant updates.

 

As there are different hardware revisions of our products, please check the revision of your device before downloading the corresponding firmware update. The hardware revision information can usually be found on the product label on the product's underside, next to the serial number. Alternatively, it can be found in the device web configuration.