If you own a Belkin SOHO upgradable KVM switch, you can upgrade your switch's firmware as long as you have access to the Internet with at least one of your computers.Upgrading your KVM switch's firmware allows you to take advantage of any security enhancements or functional enhancements to the way the switch operates.In short, when Belkin releases a firmware update, it makes your Belkin KVM switch run better. Download the firmware installation utility titled "Belkin SOHO.exe" and the firmware for your device. Close all unnecessary running applications, including antivirus software, and then double-click on the Belkin file that you downloaded to your desktop.
Users are encouraged to update to the latest firmware release and to implement strong passwords.
Users unable or unwilling to update should still consider the following workaround guidance.
CWE-603: Use of Client-Side Authentication - CVE-2015-5989 When a password is implemented in the Belkin N600 web management interface, authorization is enforced client-side by the browser.
By intercepting packets from the embedded server containing the strings and modifying the values to "2" and "1" respectively, an attacker can bypass authentication and gain full, privileged access to restricted pages of the web management interface.
Apply an update As of May 5, 2016, Belkin has made firmware version 2.14.03 available to address most of the reported vulnerabilities.
Note that CVE-2015-5988 is still not addressed, as there is still no password requirement or prompt instructing users to create a password.Silket is pursuing a Bachelor of Arts in business management and network technologies at Lehigh Carbon Community College.I recently bought a new PC with Windows 7 installed, I already had a Belkin N wireless router on my home network (Belkin N wireless router F5D8236-4 v-3).CWE-255: Credentials Management - CVE-2015-5988 Belkin N600 by default does not set a password for the web management interface.A local area network (LAN) attacker can gain privileged access to the web management interface or leverage the default absence of credentials in remote attacks such as cross-site request forgery.Click on the browse button and locate the firmware file you downloaded to your desktop.