Critical Vulnerabilities Detected In D-Link Network Device Management Platform


The Indian Computer emergency response team (Cert-In) has released an alert on multiple vulnerabilities detected in D-Link D-View 8.0 network device management platform. The D-Link vulnerabilities have been rated “critical”.

D-Link, a prominent networking solutions provider, encountered the critical security challenge in its D-View 8.0 network device management platform earlier this May and issued a patch for the same.

These D-Link vulnerabilities potentially allow malicious actors to circumvent security measures, elevate privileges, execute unauthorized code, or access sensitive information within targeted systems.

D-Link D-View 8.0 network device management vulnerability list

These are the six network device management vulnerabilities found in D-Link D-View 8.0: 

  • CVE-2023-32164
  • CVE-2023-32165
  • CVE-2023-32166
  • CVE-2023-32167
  • CVE-2023-32168
  • CVE-2023-32169

D-Link D-View 8.0 network device management vulnerability: Understanding CVEs

CVE-2023-32164

One network device management vulnerability, CVE-2023-32164, resides in the TftpSendFileThread class. The flaw stems from insufficient validation of user-supplied paths before conducting file operations.

Exploiting this vulnerability could enable an attacker to extract sensitive information from the targeted system, potentially leading to severe consequences.

CVE-2023-32165

Furthermore, another vulnerability, identified as CVE-2023-32165, affects the Tftp ReceiveFileHandler class. Similar to the previous flaw, it arises due to inadequate validation of user-supplied paths before employing file operations.

If successfully exploited, this vulnerability grants unauthorized remote code execution capabilities to the attacker, enabling them to compromise the targeted system.

CVE-2023-32166

Additionally, CVE-2023-32166 exposes an arbitrary file creation vulnerability in the uploadFile function. Insufficient validation of user-supplied paths prior to conducting file operations allows an attacker to create files on the targeted system without authorization. This violation of system integrity could result in unauthorized access or the addition of malicious content.

CVE-2023-32167

Another critical network device management vulnerability, CVE-2023-32167, enables attackers to create or delete files on the targeted system.

This vulnerability originates from the uploadMib function, where improper validation of user-supplied paths before conducting file operations permits unauthorized manipulation of files.

The potential consequences include introducing malicious files or removing essential system components, leading to system instability or compromise.

CVE-2023-32168

Furthermore, the showUser method presents a privilege escalation vulnerability denoted as CVE-2023-32168. Due to inadequate authorization protocols, an attacker can exploit this vulnerability to elevate their privileges within the targeted system. This escalation of privileges enables the attacker to perform otherwise restricted actions, potentially leading to further exploitation or compromise of critical system resources.

CVE-2023-32169

Lastly, a vulnerability labeled CVE-2023-32169 involves an authentication bypass within the TokenUtils class. This vulnerability stems from using a hard-coded cryptographic key, allowing an attacker to circumvent authentication mechanisms.

Successful exploitation of this vulnerability grants unauthorized access to the targeted system, effectively bypassing security measures and potentially enabling further malicious activities.

Cyble Vision

How to mitigate D-Link D-View 8.0 network device management vulnerability?

D-Link has released security patches to mitigate the Network Device Management Vulnerability and its associated CVEs.

Users of D-View 8.0 must apply the appropriate patches mentioned in D-Link’s security advisory. These patches address the identified vulnerabilities, reinforcing the security posture of the affected systems.

D-Link is actively working to ensure the resilience and robustness of its network device management platform. By promptly addressing these vulnerabilities, D-Link aims to safeguard the network infrastructure of its users from potential threats and maintain the trust and confidence of its customers.

The multiple vulnerabilities in the D-Link D-View 8.0 network device management platform raise concerns regarding the security and integrity of network infrastructures.

The identified vulnerabilities allow attackers to bypass security restrictions, execute arbitrary code, escalate privileges, or disclose sensitive information.

To mitigate these risks, D-Link has advised users to opt for security patches that users should promptly apply. By taking these measures, organizations can fortify their network defenses and protect their valuable assets and information.





Source link