no one is safe ...
//secure it#

Multiple Vulnerabilities in D'Link DIR-615

Device Name: DIR-615 - Hardware revision H1
Vendor: D-Link

============ Device Description: ============

Delivering great wireless performance, network security and coverage, the D-Link Wireless N 300 Router (DIR-615) is ideal for upgrading your existing wireless home network.


============ Vulnerable Firmware Releases: ============

Firmware Version : 8.04, Tue, 4, Sep, 2012
Firmware Version : 8.04, Fri, 18, Jan, 2013

Multiple Vulnerabilities in Netgear DGN1000B

Device Name: DGN1000B
Vendor: Netgear

============ Vulnerable Firmware Releases: ============

Firmwareversion: V1.1.00.24
Firmwareversion: V1.1.00.45


============ Device Description: ============

The N150 Wireless ADSL2+ Modem Router DGN1000 provides you with an easy and secure way to set up a wireless home network with fast access to the Internet over a high-speed digital subscriber line (DSL). The N150 Modem Router has a built-in DSL modem and is compatible with all major DSL Internet service providers. The security features let you block unsafe Internet content and applications, and protect the devices that you connect to your home network.


============ Shodan Torks ============

Shodan Search: NETGEAR DGN1000

============ Vulnerability Overview: ============

Multiple Vulnerabilities in Linksys E1500/E2500

Device Name: Linksys E1500 / E2500
Vendor: Linksys

============ Device Description: ============

The Linksys E1500 is a Wireless-N Router with SpeedBoost. It lets you access the Internet via a wireless connection or through one of its four switched ports. You can also use the Linksys E1500 to share resources, such as computers, printers and files.

The installation and use of the Linksys E1500 is easy with Cisco Connect, the software that is installed when you run the Setup CD. Likewise, advanced configuration of the Linksys E1500 is available through its web-based setup page.


============ Vulnerable Firmware Releases - e1500: ============

Firmware-Version: v1.0.00 - build 9 Feb. 17, 2011
Firmware-Version: v1.0.04 - build 2 Mär. 8, 2012
Firmware-Version: v1.0.05 - build 1 Aug. 23, 2012

The Home Network Horror days starting right now …

Welcome to the following 2 crazy weeks with lots of vulnerabilities in more than 20 different home network devices. We have quite a high number of hopefully interesting vulnerabilities in devices from different vendors like Linksys, D'Link or Netgear for you.

Today we start with a short intro video which demonstrates unauthenticated execution of OS commands on two home routers of D-Link. The D-Link DIR-300 rev B and D-Link DIR-600 are still unpatched and an attacker is able to directly compromise these devices via the web interface. You will find the advisory here.

Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B)

Device Name: DIR-600 / DIR 300 - HW rev B1
Vendor: D-Link

============ Vulnerable Firmware Releases - DIR-300: ============

Firmware Version : 2.12 - 18.01.2012
Firmware Version : 2.13 - 07.11.2012

============ Vulnerable Firmware Releases - DIR-600: ============

Firmware-Version : 2.12b02 - 17/01/2012
Firmware-Version : 2.13b01 - 07/11/2012
Firmware-Version : 2.14b01 - 22/01/2013

============ Device Description: ============