• Home Support Forums Security Advisories Shop     English | French
Support Announcement
DIR-859 :: Ax :: FW v1.06b01_Beta01 and older :: CVE-2019–17621 :: Unauthenticated Remote Code Execution and CVE-2019-20213:: information Disclosure LAN-Side Security Vulnerability

Overview

 

Critical Update: On December 26,2019 the scope of this was expended to include additional models referenced HERE.

 

On October 16, 2019, third party security experts accused the DIR-859 using the latest available firmware v1.06b01_Beta01 of having a security vulnerability that allowed a malicious user an unathenticated remote command execution on the LAN-Side (in-home) filed under CVE-2019-17621 and CVE-2019-20213. Additional releated research discovered CVE-2019-20215, CVE-2019-20216, and CVE-2019-20217 that are UPnP RCE in MSEARCH via the ssdpcgi() cgi interpreter.

 

In order for this security exploit to be done a malicious user would have to get access to the LAN-side or in-home access to the device which narrows the risk of an attack considerably. Regardless we appreicate the 3rd parties report, confirmmed and released patches to close this issue.


D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures.

 

Disclosure  

 

3rd Party Security Expertise

              - Miguel Mendez Z. — (s1kr10s) - Research Center at Telefónica Chile

          - Pablo Pollanco — (secenv)  - Research Center at Telefónica Chile

 

          -  CVE-2019-17621 ::

             - (English) https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f

             - (English) https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104

             - (Spanish) https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9

 

            -  CVE-2019-20213 :: 

             - (English) https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f

             - (Spanish) https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03

 

            -  CVE-2019-20215 :: 

             - (English) https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-rce-in-ssdpcgi-http-st-cve-2019-20215-en-2e799acb8a73

             - (English) https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-20215

             - (Spanish) https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-rce-en-ssdpcgi-http-st-cve-2019-20215-es-6ec205f5cf

 

            -  CVE-2019-20216 :: 

             - (English) https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-20216

             - (Spanish) https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-en-remote-port-29820d9f0f58

 

            -  CVE-2019-20217 :: 

            - (English) https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2019-20217

            - (Spanish) https://medium.com/@s1kr10s/d-link-dir-859-rce-unauthenticated-en-server-id-e11ca6168d35

 

 

Affected Products 

 

Currently, the following D-Link brand devices are affected:

 

Model HW Rev. Region Affected FW Fixed FW Current FW Recommendation Info Last Update
DIR-859 All Ax HW Rev US v1.06b01Beta01 and older
v1.07b03_beta** v1.07b03_beta**

Please download

 & upgrade device

12/26/2019

 

**Note: You must update your router twice to close this security issue. First update the device from the Device Web-GUI using DIR859_FW107b02beta01_20190125_j1o9_middle.bin. Second update the device from theD Device Web-GUI using DIR859_FW107b03_jbli_beta.bin.

 

Notice for US consumter:

Beta veriosns of firmware must meet security spot checks for the issue the Beta version is to address.  This allows us to disclose and provide a fix sooner for our technical users that understand how to manually update the device or call our customer care center for further help.  A fully qualified firmware will come at a later time that meets the full suite fo quality and security software testing we maintain under D-Link Systems, Inc. Comprehensive Software Security program.

 

Security patch for your D-Link Devices


This firmware is an update security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install this relevant updates.

 

As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.