• Home Support Forums Security Advisories Shop     English | French
Security Announcement
Announcement > SAP10023
DAP-1350 - SQL Injection Administrative Bypass - Firmware v. 1.10 and v. 1.14
Publication ID: SAP10023
Resolved Status: Open
Published on: 8 May 2014 6:01 GMT
Last updated on: 20 May 2014 1:26 GMT

 

Overview

 

The DAP-1350 Rev. A1 contains a flaw that allows a user to bypass the administrative login to the web configuration interface supplying a username or password of "x' or 1=1--" through Basic SQL injection.

 

References

 

Dale Wooden of Weathered Security - Author - Contact: woody@weatheredsecurity.com

SensePost.com - Reported directly to D-Link via support portal link, (April 14, 2014)

 

 

Description

 

In order to maintain author's intent of the we are stating the information reported by SensePost and was confirmed by D-Link.

 

Reproduce the issue by injecting a login to the web administration page of a DAP 1350 with a password of "x' or 1=1--" (without the quotes).

 

 

Affected Product

   

Model Name

HW Version

Current FW Version

New FW Version for this exploit fix

DAP-1350

A1

v. 1.14 and older

FW: Estimated release is June 1, 2014

 

Security patch for your D-Link Devices

 

These firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.

 

As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.