Thanks to FIRMADYNE, an open-source framework that runs security tests on embedded firmware, researchers have found new and existing vulnerabilities in Netgear and D-Link wireless hardware.
FIRMADYNE is an open-source framework created by Boston University students as part of a research project designed to detect vulnerabilities by performing a security analysis of Linux-based embedded devices. Using this framework, researchers ran security tests on firmware from 42 embedded device manufacturers, analyzing approximately 23,000 firmware images. Of the 9,486 images extracted, a total of 887 were vulnerable to at least one of the 74 known exploits. The researchers also found 14 formerly undetected vulnerabilities in 69 firmware images used by 12 products.
In an email sent by Dominic Chen to Full Disclosure on the D-Link and Netgear router vulnerabilities, Chen brought to light some of the vulnerabilities detected in the web management interface of the Netgear and D-Link routers. On the Netgear devices, the discovered flaws included pages that could be accessed without authentication (and could consequently allow direct input to the command line), as well as unauthenticated web pages that exposed the WPS (Wi-Fi Protected Setup) PIN. On the D-Link devices, the flaws enabled remote code execution through a buffer overflow vulnerability in the web server, and exposed passwords and administrative credentials over SNMP (Simple Network Management Protocol).
The vulnerabilities reported by FIRMADYNE affected 6 Netgear devices (WN604, WN802Tv2, WNAP210, WNAP320, WNDAP350, WNDAP360) and 7 D-Link devices (DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2660, DAP-2690, DAP-2695).