D-Link Patches Weak Crypto in mydlink Devices

IoT security company Firmalyzer found that mydlink devices from D-Link use weak versions of SSL for remote connections. D-Link has updated its firmware.

Browser makers and other tech companies have gone to great pains to beef up weak crypto libraries, in particular those that are exposed to fallback attacks such as POODLE.

Attackers exploiting these vulnerabilities are able to dial back the encryption protecting communication to SSLv2 and SSLv3, for example, forcing servers to fall back to these weaker versions of the protocol should a more secure connection fail. With attacks such as POODLE, an attacker that successfully forces a fallback could steal private keys and decrypt traffic.

As more of these weaker versions of the libraries are replaced, more and more continue to pop up in embedded and connected devices.

The latest example was found by Firmalyzer, an IoT security company, which privately disclosed two flaws in D-Link IP-enabled camera and router firmware that expose devices to man-in-the-middle attacks. The devices are enabled by D-Link’s myDLink cloud service, which allows users to access their home network, including live camera feeds and online storage, from anywhere.

D-Link said it released a firmware update last night that patches both issues.

“D-Link is currently assessing the potential vulnerability reported for any additional routers or cameras that might be impacted,” a representative told Threatpost. “Additional information will be posted later this week online.”

Firmalyzer it found the vulnerabilities in a binary called signal, which is included in the D-Link DIR-810L router firmware. Its researchers said the binary is a device management agent for mydlink products. In an advisory, Firmalyzer said that the signalc binary establishes a TLS connection to the mydlink controller server over port 443. The binary then registers a mydlink device ID and MAC address and listens for commands from D-Link’s servers over a proprietary protocol.

Firmalyzer said it found two issues. Rather than TLS v1, mydlink uses the SSLv23_method which allows the agent to accept SSLv2 and SSLv3 handshakes. This opens the door to fallback attacks.

The other vulnerability is its failure to use the SSL_CTX_set_verify API call, which sets the callback function for server certificate verification, Firmalyzer said.

“This could enable an attacker to perform SSL MITM attack in order to capture device credentials sent to mydlink controller server on the internet, inject commands and events into the TLS connection and compromise/hijack all mydlink enabled routers in the reach,” Firmalyzer said in its report.

Firmalyzer said it disclosed details to D-Link on April 13, and 10 days later collaborated on a fix that was released yesterday.

Suggested articles