Overview
The DNS-315 DNS-320 DNS-320L DNS-320LW DNS-325 DNS-327L DNS-345 Rev. Ax and Bx is susceptible to denial of service attacks by allowing unauthorized access to reboot/shutdown/reset feature. These vulnerabilities allows an attacker to perform denail of service exploits that may cause the device to be unreliable and malfunction.
D-Link Security Incident Reponse Policy
All public communication on this issue will be offered at http://securityadvisories.dlink.com/security/
Our security response team can be contacted for incident information or to report incidents at security@dlink.com
Any non-critical security issue, help in updating firmware, or configuration regarding this issue please contact your D-Link Customer care channel.
Reference
Author - rigan - Link
OSVDB-ID: 77573
Description
We encourage you to read further infomation at http://www.exploit-db.com/exploits/18199/. The author can provide further details.
In order to avoid miscommunication the following is taken directly from the authors report @ LINK.
The issue was initially discovered on DNS-320 Rev. Ax, firmware v. 2.00b06 however D-Link as expanded the devices under our further research, please see table for complete list:
An explanation and exploit script is provide on the report @ LINK.
This is considered an advanced exploit which is well documented at the author's site and will encourage the user to go to the report to read more details.
Recommendation
Immediately update to the fixed firmware referenced in the able below. Please continue to monior this page for further updates and disclousres.
D-Link recommend your network, that includes the D-Link Network Attached Storage is connected, is protected by a firewall or better security policy to mitigate a malicious remote user.
D-Link recommend restricting the network attached storage from communicating with the internet. Filters can be added to most popular routers/firewalls that will restrict the devices access to the local network only.
All devices on your network should have log-in credentials and if your network has WiFi, please make sure WiFi encryptiion-keys are enabled. Also for devices that cannot notify the owner of a new software updates, to check for updates from the devices manufacture.
D-Link recommends all PCs (Window or Mac) are scanned for virus, bots, or other damaging software that could compromise the network they are connected.
WiFi encryption reduces the risk to this vulnerabilty if the device Web-GUI is accessed over WiFi. If WiFi network was encrypted, the malicious user would also need to compromise the WiFi encryption, or PC using the Web-GUI utility, in order to monitor the traffice and intercept the cookie.
The default configuration of D-Link's Network Attached Storage is to provide simple installation, ease of useability, and offer widest interoperability. D-Link Systems (D-Link US) reminds customers to configure their devices specifically to the for security concerns with in their network infrastructure. In General, D-Link Systems (D-Link US) recommends disabling services not being used, changing/securing device log-in credentials, enable WiFi encrytion, and evaluate all security risks for your network regularly.
Affected Products
Security patch for your D-Link router
These firmware updates address the security vulnerabilities in affected D-Link routers. D-Link will update this continually and we strongly recommend all users to install the relevant updates.
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.
To update the firmware please log-in to the Web-GUI interface of your device, from the menu select Maintanence -> System -> Upgrade Firmware. If you require help please contact your regional D-Link customer care website for options.