

Hacking the DSP-W215, Again, Again, Again - ehPReth
http://www.devttys0.com/2014/05/hacking-the-dsp-w215-again-again-again/

======
ehPReth
Context: DSP-W215 is a 'smart plug' \- something that allows you to control an
outlet's on/off state remotely via your LAN. (
[http://www.dlink.com/us/en/home-solutions/connected-
home/sma...](http://www.dlink.com/us/en/home-solutions/connected-home/smart-
plugs/dsp-w215) )

This is the 4th vulnerability found in this unit. If I remember correctly a
patch was released after each reported vulnerability. D-Link's software unit
(or whoever wrote the software for this) really needs to step up their game it
seems...

------
lunixbochs
This is a class of devices (consumer embedded+networked) practically
guaranteed to have a decent amount of in-house software sitting a while with
little external scrutiny. I think most consumer companies with a web interface
on their router have messed up at some time or another... not to mention
countless outright back doors.

