The Improper Access Control vulnerability is present in the Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version: v3.2.02) due to the absence of proper access control on the root terminal accessible via a serial interface.
An attacker with physical access could leverage this vulnerability by identifying UART pins and gaining access to the root shell on the vulnerable system. Exploiting this vulnerability successfully could enable the attacker to extract sensitive information from the targeted system.
An attacker with physical access to the Digisol DG-GR1321 router can exploit the documented vulnerability to completely compromise the device’s security. By exploiting this vulnerability, the attacker gains unauthorized access to the router’s functionalities and can potentially extract sensitive data stored or transmitted by the device. This could lead to the exposure of confidential information, compromising the integrity and confidentiality of the data handled by the router.
The Digisol DG-GR1321 router’s UART/Serial interface allows users to access log output and a root terminal without proper access control, facilitating direct interaction with the device’s operating system.
1. Boot Log Output: During router boot-up, log messages indicate the presence of a root shell access prompt, suggesting vulnerability.
2. Identifying UART Pins: UART pins (Rx, Tx, Vcc, Gnd) on the router are located to establish a serial communication interface.
3. Connecting to Terminal: Using UART-to-USB adapters and terminal emulator software, a connection is established to the router’s terminal.
4. Root Shell Access: Upon connection, the root shell access prompt confirms unauthorized access to execute commands with elevated privileges.
It is recommended to upgrade the firmware to the latest version. The firmware upgrade may include patches or fixes addressing the vulnerability. Firmware for DG-GR1321 with HW version 3.7L and starting with V3.1.XX can be downloaded from Digisol’s firmware website. Additionally, the firmware can be accessed from this Google Drive link.
The vulnerability lies in the Digisol DG-GR1321 router and is attributed to unsecured root terminal access through the UART interface. This vulnerability enables physical attackers to execute commands with root privileges, posing a significant security risk. The proof of concept involves accessing the root shell by identifying UART pins on the device and connecting to its terminal. To mitigate this vulnerability, it is recommended to upgrade the firmware to the latest version.
Redfox Security is a diverse network of expert security consultants with a global mindset and a collaborative culture. If you are looking to improve your organization’s security posture, contact us today to discuss your security testing needs. Our team of security professionals can help you identify vulnerabilities and weaknesses in your systems and provide recommendations to remediate them.
Join us on our journey of growth and development by signing up for our comprehensive courses.
Redfox Cyber Security Inc.
8 The Green, Ste. A, Dover,
Delaware 19901,
United States.
info@redfoxsec.com
©️2024 Redfox Cyber Security Inc. All rights reserved.
