system
1
Hey, so, I bought a router a few months ago (D-Link DIR-825) and after running a “Smart Scan” avast finds an issue with it.
https://gyazo.com/48fede5242bb3c51ccb5622105a9978c.png
I have tried to factory reset the device multiple times. Firmware is fully up to date.
I have also changed all WIFI and admin passwords. But Avast notification of an issue persists.
Avast has kindly pointed me to this exploit: https://www.exploit-db.com/exploits/15666/ .
Was this caused by some software I ran or was the device like this when I bought it? Any help at all would be very appreciated.
The following example URL will allow access to the router’s main administrative Web page without authentication:
http://192.168.0.1/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0
You should update the FW to fix this. For settings read: https://www.reddit.com/r/wireless/comments/3cwhua/what_firewall_settings_should_i_turn_on_with_my/
polonus
system
3
That link gives me a “Error 404 Sorry, the requested page is not found.”.
And all firmware as fully up to date.
I do not know of the actuality of the avast flag. Wait for a reaction of an avast team member.
Could be after the weekend though.
Consider this to read: https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html
D-link router suffers from incompatibility problems with firmware, and last updates left a backdoor unpatched,
read here: https://pierrekim.github.io/blog/2017-02-02-update-dlink-dwr-932b-lte-routers-vulnerabilities.html
polonus
system
5
I see.
Thank you for taking the time to answer me with this much detail.
And yeah, will await for Avast team response back. Thanks, again.
Hi freemmaann,
You are welcome, I PM-ed an avast team member to look into it and then comment here…
Stay safe and secure,
polonus (volunteer website security analyst and website error-hunter)