Home
 » ISP News » 
Sponsored

Older D-Link and Other Routers Exposed to Realtek WiFi Vulnerability

Wednesday, April 29th, 2015 (9:37 am) - Score 1,137

An unknown number of broadband routers that make use of the 802.11a/b/g WiFi controllers from Realtek, such as some older models of D-Link and TRENDnet kit, appear to be exposed to a vulnerability that allows remote attackers to execute arbitrary code on related hardware.

The problem stems from a Realtek Software Developers Kit (rtl81xx SDK), which appears to exhibit a vulnerability in its Simple Object Access Protocol (SOAP) on some older 802.11a/b/g WiFi controllers (here). SOAP, which also works alongside HTTP (web) and SMTP (email sending), allows for the exchanging of information in the implementation of web services.

Apparently a flaw with SOAP’s minigd service and related NewInternalClient requests mean that user data isn’t sanitised properly before the execution of a system call and as such a remote attacker could use this to “execute code with root privileges“, which might potentially give them full access to your network and router. But the attacker would probably need to be within range of the WiFi signal in order for this to work.

Unfortunately some routers also inherit the vulnerable code through use of Realtek’s related WiFi controllers and this includes a few D-Link and TRENDnet devices; although there are probably others, but it’s difficult to know who uses the vulnerable controllers and in which specific model(s) of router.

Mitigating the Problem

Given the stated purpose of Realtek SDK, and the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the service to trusted machines. Only the clients and servers that have a legitimate procedural relationship with products using Realtek SDK service should be permitted to communicate with it. This could be accomplished in a number of ways, most notably with firewall rules/whitelisting.

Over the past year Realtek are understood to have been repeatedly and privately informed about the security flaw, although they have never once responded and as such the flaw has now been made public.

In fairness the vulnerability currently only appears to affect older devices and so there’s unlikely to be much that Realtek could do about it, not least since most routers manufacturers’ will have long since dropped support for related kit. We suspect that this is probably a fairly low risk issue for UK consumers.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
1 Response

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Ultrafast ISPs
  • Gigaclear £17.00
    Speed: 200Mbps, Unlimited
    Gift: None
  • Community Fibre £20.00
    Speed: 150Mbps, Unlimited
    Gift: None
  • Hyperoptic £20.00
    Speed: 158Mbps, Unlimited
    Gift: Promo code: HYPERSALE
  • Virgin Media £25.00
    Speed: 108Mbps, Unlimited
    Gift: None
  • Vodafone £25.00
    Speed: 100Mbps, Unlimited
    Gift: None
Large Availability | View All
New Forum Topics
»
»
Morecambe fttp
Author: Gingeee85
»
Huawei B818-263
Author: teleman6868
»
Anyone on Giganet?
Author: jalzoo
»
Cheapest Superfast ISPs
  • Hyperoptic £17.99
    Speed 33Mbps, Unlimited
    Gift: Promo code: HYPERSALE
  • NOW £20.00
    Speed 36Mbps, Unlimited
    Gift: None
  • Shell Energy £21.99
    Speed 35Mbps, Unlimited
    Gift: None
  • Vodafone £22.00
    Speed 38Mbps, Unlimited
    Gift: None
  • Plusnet £22.99
    Speed 36Mbps, Unlimited
    Gift: £70 Reward Card
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (4126)
  2. BT (3154)
  3. Politics (2122)
  4. Building Digital UK (2028)
  5. Openreach (1970)
  6. FTTC (1923)
  7. Business (1836)
  8. Mobile Broadband (1608)
  9. Statistics (1513)
  10. 4G (1380)
  11. FTTH (1371)
  12. Virgin Media (1277)
  13. Ofcom Regulation (1242)
  14. Fibre Optic (1235)
  15. Wireless Internet (1234)
  16. Vodafone (928)
  17. EE (907)
  18. 5G (900)
  19. TalkTalk (821)
  20. Sky Broadband (787)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact