Independent security researcher Varang Amin and Aditya Sood,
chief architect at Elastica’s Cloud Threat Labs discovered a flaw in DGS-1210
Series Gigabit smart switches from D-Link which could be exploited to access log
and configuration files without any authentication credentials.
These switches which can be configured to store backup
files, including logs, firmware and configuration files lack proper authorization
and authentication controls, allowing an attacker to access the backup files
found both on the device’s flash memory and the web server.
The duo also pointed out that while the web server’s root directory
is easily accessible, the back files from the flash memory could be remotely
accessed by knowing the IP address of target device.
The access of configuration file can pose a threat as it can
expose all the details about the switch including configuration, username, etc.
The file can be uploaded to another switch to obtain further information about
the clients which is stored in log files.
According to Sood, the flaw was detected on October 07, but
the company did not release a fix for it till now.
After waiting for a month, the researchers recently disclosed
their discovery at the ToorCon security conference. However, in order to give
time to the firm to address the issue, the duo did not make the exploit details
public.