Thursday, August 11, 2022
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home ISP

Yet Another D-Link DIR-850L Vulnerability Exposed, Allows Wi-Fi Authentication Bypass (UPDATE)

by Newsdesk
November 19, 2018
TM D-Link DIR-850L
333
SHARES
Share on FacebookShare on Twitter

UPDATE (1017PM): D-Link Malaysia, TM, and Time Internet have verified that the D-Link DIR-850L in our market are not affected by this security issue. More details right here.

ORIGINAL STORY (200PM):

The D-Link DIR-850L is one of the most popular routers being used in Malaysia, not because its a fantastic piece of hardware, but because two major ISP’s in Malaysia, TM and TIME have been providing it for free with their fibre broadband packages.

While TIME has since switched to providing their new customers with TP-Link’s AC 1200 router, older customers are still stuck with the somewhat dated DIR-850L. As for TM, last we checked, even new customers are still being assigned the DIR-850L.

The DIR-850L however is not a stranger to vulnerabilities. Last year, a number of critical security issues was discovered with the router, that included backdoor access to the router, as well as weak credential storage on the device itself. These were critical issues that was solved by a firmware update released by the individual ISP’s late last year. Unfortunately, it looks like that was not the end of it.

On August 20th 2018, D-Link was made aware of a security vulnerability with the DIR-850L with Hardware Revision A, that allows an attacker with sufficient knowledge of the issue to bypass WiFi encryption (inclusive of WPA) and gain internet access without any credentials. The D-Link DIR-850L with Hardware Revision B is not affected.

ADVERTISEMENT

D-Link confirmed the vulnerability on the 6th of November 2018, and released a firmware update to address the issue. However, similar to the incident last year, TIME and unifi users will not be able to patch their devices using the generic firmware released by D-Link. If your DIR-850L was provided by your ISP, then you will need to wait for D-Link Malaysia, or the respective ISP’s to roll out their customized firmware update.

At time of writing, neither D-Link Malaysia, TIME Internet or Telekom Malaysia has issued any update or advisories on this security vulnerability, or when a firmware update will be made available.

Temporary Solutions

While this particular vulnerability doesn’t exactly allow someone to infiltrate your network from anywhere around the world, it does open your network up to someone within your Wi-Fi range to have unrestricted access to your Wi-Fi internet connection, as well as files within your local network that the router is connected to.

Turning off your Wi-Fi and switching to a wired connection until a firmware update is a simple solution to avoid your data or network being compromised at this point in time. Alternatively, for under RM100, you should be able to get a decent replacement router in the market.

We will update this story once we receive more information from D-Link Malaysia, or any of the affected ISP’s.

(Source: Synopsys’ Cybersecurity Researcher Tuomo Untinen, Finland)

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

Tags: D-LinkD-Link DIR-850Lroutervulnerabilities
Updated 2:10 am, Tue, 20 November 18
Back to top
Share133Tweet83SendShare

ADVERTISEMENT

RELATED ARTICLES

celcom router modem replacement flood
Telco

Celcom Offers Free Replacements For Flood-Damaged Modem And Router

by Ikmal Rozlan
December 28, 2021
TIME Internet Omnimesh WiFi home
ISP

Five Reasons Why You Should Get TIME’s OmniMesh For The Ultimate Home WiFi Experience

by Heirul Kamel
August 11, 2021
D-Link DIR850-L TM Unifi
Featured

D-Link, TM, and Time Internet Confirm That DIR-850L Router in Malaysia Not Affected By Security Issue

by Chief Chapree
November 19, 2018
Hardware

Netgear Announces New Nighthawk Series Routers; Brand’s First Routers To Use WiFi 6 Standard

by John Law
November 9, 2018
Load More
No Result
View All Result

TRENDING TODAY

  1. 1
    Apps

    WhatsApp Is Giving You Two Whole Days To Delete Messages

  2. 2
    Fintech

    Maybank Apple Pay Page Is Now Live [UPDATED]

  3. 3
    Fintech

    Apple Pay Finally Arrives In Malaysia: Supports Maybank, AmBank, and Standard Chartered

  4. 4
    Laptops

    2022 Acer Swift 5 Lands In Malaysia With New Design and 12th Gen Intel Core

  5. 5
    Fintech

    Apple Pay Signage Appears At Maxis Centre And Website (UPDATED)

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

We use cookies to improve your experience. Learn More.