Are you using this D-Link DIR-850L router? Your security might be at risk!

If you are using a Dlink 850L router, which happens to be a Wireless AC1200 Dual Band Gigabit “Cloud” Router, chances are that you are using it’s full cloud capabilities and this could pose as a security risk to you. Security Pierre Kim (@PierreKimSec) takes you on a journey right from decrypting the router firmware all the way to exploiting it in a beautifully crafted guide here. There is even a script written in C that you can compile right away and use it.

What’s the damage, you ask? Pretty much everything can be pwned! Right from the internal DHCP LAN, to the external communication protocols, even including the supposed to be unique feature – the custom MyDlink cloud! All this was actually a security contest entry that did not materialize because Pierre Kim got a revisionB of the router – which was not affected with this exploit at that time.

Don’t Panic, help is on it’s way

As much as you should, don’t panic. Right now, there are steps that you can take to avoid getting exploited:

• Reset the router to its default factory setting.
• Disable the WAN remote admin feature
• Do not access the router through unauthorized Wi-Fi.
• Change the wireless SSID password and PIN code to prevent unauthorized users from accessing the LAN.
• Change the device’s administrator password. Be sure to use a strong new password.

These are the guidelines as stated by D-Link on their website. There will also be a firmware update scheduled for tomorrow and you really should get your router updated.

Source: Pierre Kim, D-Link

Pokdepinion: Security vulberability is always a possiblity. What is important, is that you know what you are putting at risk and what is hidden way in the abyss