RCE Vulnerability in D-Link WAP Allows Remote Access by Attackers

Home/BOTNET, Exploitation, Security Advisory, Security Update, Tips, vulnerability/RCE Vulnerability in D-Link WAP Allows Remote Access by Attackers

RCE Vulnerability in D-Link WAP Allows Remote Access by Attackers

The D-Link DAP-2310 Wireless Access Point is vulnerable to remote code execution, allowing attackers to gain unauthorized remote access. Discovered by Dark Wolf Solutions, this guide covers the details of the vulnerability, the models affected, and the steps users should take to protect themselves.

More about the RCE Vulnerability

Dark Wolf Solutions named the vulnerability “BouncyPufferfish.” It exploits a stack-based buffer overflow in the D-Link DAP-2310’s ATP binary, which processes PHP HTTP requests for the device’s Apache server. By sending a specially crafted HTTP GET request, attackers can trigger the overflow, execute a ROP chain, and run arbitrary shell commands using the system() function.

The vulnerability is especially dangerous because it doesn’t require authentication, making it easy to exploit. Dark Wolf Solutions’ proof-of-concept demonstrates how simple it is to leverage this flaw, posing a significant risk to users.

Affected Models

The D-Link DAP-2310, across all hardware revisions, is vulnerable and has reached End-of-Life (EOL) and End-of-Service Life (EOS) as of November 30, 2021. D-Link no longer supports or updates these devices, leaving them exposed to exploitation.

ModelRegionHardware RevisionEnd of SupportLast Updated
DAP-2310WorldwideAll Series11/30/202107/09/2024
  • Recommendation: D-Link advises retiring and replacing DAP-2310 and other EOL/EOS devices due to lack of support and updates.
  • If continuing use:
    • Firmware: Ensure it’s the latest version available before EOL.
    • Password: Regularly update the device’s web configuration password.
    • WIFI Encryption: Use strong, unique passwords for WIFI encryption.

These steps can help reduce risks, but replacing the devices with newer models is the best solution.

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

By | 2024-09-09T21:16:02+05:30 September 3rd, 2024|BOTNET, Exploitation, Security Advisory, Security Update, Tips, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!