/dev/ttyS0 Embedded Device Hacking #branding Skip to content Home Training Blog Tools Contact About #access #masthead #header « Hacking the D-Link DIR-890L #nav-above By Craig | April 14, 2015 - 9:28 pm | Reverse Engineering , Security , Tutorial .entry-meta As mentioned in an update to my post on the HNAP bug in the DIR-890L, the same bug was reported earlier this year in the DIR-645, and a patch was released. D-Link has now released a patch for the DIR-890L as well. The patches for both the DIR-645 and DIR-890L are identical, so I’ll only examine the DIR-890L here. Although I focused on command injection in my previous post , this patch addresses multiple security bugs, all of which stem from the use of strstr to validate the HNAP SOAPAction header: Use of unauthenticated user data in a call to system (command injection) Use of una...