Independent security researcher Varang Amin and Aditya Sood, chief architect at Elastica’s Cloud Threat Labs discovered a flaw in DGS-1210 Series Gigabit smart switches from D-Link which could be exploited to access log and configuration files without any authentication credentials.
These switches which can be configured to store backup files, including logs, firmware and configuration files lack proper authorization and authentication controls, allowing an attacker to access the backup files found both on the device’s flash memory and the web server.
The duo also pointed out that while the web server’s root directory is easily accessible, the back files from the flash memory could be remotely accessed by knowing the IP address of target device.
The access of configuration file can pose a threat as it can expose all the details about the switch including configuration, username, etc. The file can be uploaded to another switch to obtain further information about the clients which is stored in log files.
According to Sood, the flaw was detected on October 07, but the company did not release a fix for it till now.
After waiting for a month, the researchers recently disclosed their discovery at the ToorCon security conference. However, in order to give time to the firm to address the issue, the duo did not make the exploit details public.