Overview
On January 21, 2021, CERT/CC publically disclosed multiple vulnerability within dnsmasq: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687. Industry and Author refers to this series of vulnerabilities as DNSpooq. DNSpooq vulnerabilities include DNS cache poisoning vulnerabilities as well as a potential Remote Code Execution and exploits.
The list of devices industry-wide using dnsmasq that are affected by DNSpooq is long and varied.
Public Disclosures
https://www.jsof-tech.com/disclosures/dnspooq/
https://access.redhat.com/security/vulnerabilities/RHSB-2021-001
https://us-cert.cisa.gov/ics/advisories/icsa-21-019-01
DNSpooq Vulnerability set divides into 2 types of vulnerabilities:
1. DNS cache poisoning attacks, similar to the Kaminsky attack, but different in some aspects.
2. Buffer overflow vulnerabilities that could lead to remote code execution.
DNSmasq below v2.83 is affected by the DNSpooq vulnerabilities:
JSOF reported multiple memory corruption vulnerabilities in dnsmasq due to boundary checking errors in DNSSEC handling code.
CVE-2020-25681: A heap-based buffer overflow in dnsmasq in the way it sorts RRSets before validating them with DNSSEC data in an unsolicited DNS response
CVE-2020-25682: A buffer overflow vulnerability in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data
CVE-2020-25683: A heap-based buffer overflow in get_rdata subroutine of dnsmasq, when DNSSEC is enabled and before it validates the received DNS entries
CVE-2020-25687: A heap-based buffer overflow in sort_rrset subroutine of dnsmasq, when DNSSEC is enabled and before it validates the received DNS entries
JSOF also reported vulnerabilities in DNS response validation that can result in DNS cache poisoning.
CVE-2020-25684: Dnsmasq does not validate the combination of address/port and the query-id fields of DNS request when accepting DNS responses
CVE-2020-25685: Dnsmasq uses a weak hashing algorithm (CRC32) when compiled without DNSSEC to validate DNS responses
CVE-2020-25686: Dnsmasq does not check for an existing pending request for the same name and forwards a new request thus allowing an attacker to perform a "Birthday Attack" scenario to forge replies and potentially poison the DNS cache.
Affected Products
| Category |
Model |
Hardware Revision |
Region |
Fixed F/W |
Status
|
Last Updated |
| Nuclias Business AP |
DBA-1210P |
A1 |
US |
2.06.000 |
Est. 06/25/2021
|
04/20/2021 |
| Nuclias Business AP |
DBA-1510P |
A1 |
Non-US |
Under Development |
Pending Release
|
04/20/2021 |
| Nuclias Business AP |
DBA-1520P |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Nuclias Business AP |
DBA-2520P |
A1 |
US |
2.04.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-2620P |
A1 |
US |
2.04.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-2720P |
A1 |
US |
2.03.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-2820P |
A1 |
US |
2.04.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-3620P |
A1 |
US |
2.03.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-3621P |
A1 |
US |
2.03.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-X1230P |
A1 |
Non-US |
2.01.000 |
Est. 06/25/2021 |
04/20/2021 |
| Nuclias Business AP |
DBA-X2830P |
A1 |
US |
2.01.000 |
Est. 04/15/2021 |
04/20/2021 |
| Consumer AP/Extender |
DAP-1325 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1530 |
A2 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1610 |
A2 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1620 |
B1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1750 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1755 |
A2 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1820 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-1955 |
A2 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-X1860 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DAP-X1870 |
A1 |
US |
Not Affected |
Closed |
04/20/2021 |
| Consumer AP/Extender |
DIR-L1900 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DRA-1360 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer AP/Extender |
DRA-2060 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Mesh |
COVR-1100 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Mesh |
COVR-X1870 |
A1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| Consumer Router |
DIR-1260 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-1260 |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-1360 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-1750 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-1760 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-1950 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-1960 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-2055 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-2150 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-2150 |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-2640 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-2660 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-3040 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-3060 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-615 |
X1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-821v2 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-822 |
E1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-822 |
C1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-822v2 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-825 |
I1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-842 |
C1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-853 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-853 |
A2 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-853 |
A3 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-867 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-878 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-882 |
A1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-LX1870 |
A1 |
US |
Not Affected |
Closed |
04/20/2021 |
| Consumer Router |
DIR-X1560 |
A1 |
US |
Not Affected |
Closed |
04/20/2021 |
| Consumer Router |
DIR-X1860 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Consumer Router |
DIR-X1870 |
A1 |
US |
Not Affected |
Closed |
04/20/2021 |
| Consumer Router |
DIR-X5460 |
A1 |
US |
Not Affected |
Closed |
04/20/2021 |
| Consumer Router |
DIR-X6060 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWM-222 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWM-222 |
A2 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-2101 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-910 |
D1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-920 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-932 |
D3 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-932 |
F1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-933 |
B1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-933 |
B1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-953 |
B1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-953V2 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-956 |
C1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-960 |
B1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-961 |
E1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-961 |
D1 |
US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-972 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-978 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-M921 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| Mobile Router |
DWR-M953 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
|
xDSL Gateway
|
DSL-6740C |
A2
|
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-7740C |
A1
|
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DAS-3626 |
A1 |
Non-US |
Not Affected |
Closed
|
04/20/2021 |
| xDSL Gateway |
DSL-224 |
T1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2740U |
V2 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2750U |
W1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-G225 |
T2 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2750U |
V2 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2750E |
W1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2790U |
V1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2878 |
U1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2878 |
V1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-3785 |
B1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-3788 |
B2 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DVA-6800Z |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-226 |
J1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DVA-2800 |
T1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-2888A |
T1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-G2452DG |
T2 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-G2562DG |
T1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-3890 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-3900 |
A1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DPN-100 |
C1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DPN-101G |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DPN-1452DG |
J1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-124 |
R1
|
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-125 |
R1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2750U |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-2640U |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-2740U |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-224 |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-224 |
R1 |
Non-US |
- |
- |
04/20/2021 |
| xDSL Gateway |
DSL-G2452GR |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-245GR |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DVG-5402G |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-G2452GE |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-245GE |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DVG-3452GE |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-G2452GE |
S1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-225 |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-226 |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
| xDSL Gateway |
DSL-225 |
J1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2750U |
J1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2790U |
J1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-G225 |
J1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-2252 |
J1 |
Non-US |
Not Affected |
Closed |
04/20/2021 |
| xDSL Gateway |
DSL-X1852E |
R1 |
Non-US |
Under Development |
Pending Release |
04/20/2021 |
Regarding the Security patch for your D-Link Devices
Firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually, and we strongly recommend all users to install the relevant updates.
Please note that this is a device beta software, beta firmware, or hot-fix release which is still undergoing final testing before its official release. The beta software, beta firmware, or hot-fix is provided on an "as is" and "as available" basis, and the user assumes all risk and liability for use thereof. D-Link does not offer any warranties, whether express or implied, as to the beta firmware's suitability or usability. D-Link will not be liable for any loss, whether such loss is direct, indirect, special, or consequential, suffered by any party due to their use of the beta firmware.
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the product's underside next to the serial number. Alternatively, they can also be found on the device web configuration.
--