D-Link DIR-601 home router Vulnerability

February 8, 2012 By

Attackers can gain access to files via TFTP on D-Link


Information At A Glance
  • Source – solutionary.com
  • Version/Dependency – D-Link DIR-601 Wireless N 150 Home Router
  • Developer – D-Link
  • Severity – High
Summary
The DIR-601 D-Link Wireless N 150 Home router is vulnerable to a directory Traversal Attack. An attacker could use this to retrieve files outside of the TFTP server root.
Fix / Corrective Action(s)
There is no current fix available. Disable the TFTP server access. Apply any firmware updates if they become available. See D-Link for more information.
Miscellaneous
Credit: Rob Kraus and Solutionary Engineering Research Team (SERT)

Disclaimer: Salvus Alerting provides timely industry related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided, is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC. – as of 02/07/2012
Filed Under: General, Latest SalvusAlerts