D-Link DAP-2695 Firmware Signature Verification Vulnerability

A vulnerability exists in the D-Link DAP-2695 access point running firmware version 2.00RC13. The issue arises in the Firmware Update Handler, specifically in the function sub_40C6B8, where there is improper verification of cryptographic signatures during the firmware update process. This vulnerability allows remote attackers to bypass integrity checks by manipulating the magic number and exploiting the use of the weak MD5 hashing algorithm. As a result, unauthorized firmware updates could be applied, potentially leading to further exploitation.

Impact

Exploitation of this vulnerability allows for unauthorized firmware updates by bypassing cryptographic signature verification. This could lead to the installation of malicious firmware, with the potential for further exploitation of the device.