Digisol DG GR1321’s Password Storage in Plaintext CVE-2024-4232

Password storage is the practice of securely saving user passwords in a way that prevents unauthorized access and protects against potential security breaches. The Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version: v3.2.02) is vulnerable because it stores passwords in plaintext within its firmware/database. An attacker with physical access could extract the firmware, reverse-engineer the binary data, and access plaintext passwords, which could lead to unauthorized access to the system.

Firmware

Impact of the Vulnerability

  • Unauthorized Access: Attackers can gain unauthorized entry to the router. 
  • Credential Manipulation: Attackers can alter login credentials. 
  • Data Exposure: Sensitive information can be accessed due to insecure password storage. 
Tenable

Vulnerability Description: Passwords Stored in Plaintext

The Digisol DG-GR1321 router stores passwords in plaintext within its firmware/database. This flaw can be exploited as follows: 

  • Plaintext Storage: Passwords are saved unencrypted in the database. 
  • Unauthorized Access: With physical access, attackers can extract the firmware and access plaintext passwords. 
  • Manipulation and Exploitation: Attackers can use these passwords to control the router, leading to security breaches. 

Proof-of-Concept: Digisol DG-GR1321 Router Vulnerability

Plaintext Storage: Passwords are stored in an unencrypted format. 
Unauthorized Access: Extracting firmware allows attackers to view plaintext passwords. 
Manipulation: Attackers can manipulate settings and control the router. 

proof of concept
Mitigation

It is recommended to upgrade the firmware to the latest version. The firmware upgrade may include patches or fixes addressing the vulnerability. Firmware for DG-GR1321 with HW version 3.7L and starting with V3.1.XX can be downloaded from Digisol’s firmware website. Additionally, the firmware can be accessed from this Google Drive link

TL;DR

Digisol DG-GR1321 router has plaintext password storage and uncontrolled root terminal access.  Risks include unauthorized access, credential tampering, and data exposure. It is recommended to upgrade the firmware to the latest version. 

Redfox Security is a diverse network of expert security consultants with a global mindset and a collaborative culture. If you are looking to improve your organization’s security posture, contact us today to discuss your security testing needs. Our team of security professionals can help you identify vulnerabilities and weaknesses in your systems and provide recommendations to remediate them.

Join us on our journey of growth and development by signing up for our comprehensive courses.