14 Oct 2013

D-link Router Backdoor Access String Discovered

Owners of D-Link routers might be a little concerned to hear that over the weekend a new vulnerability has been discovered affecting a range of D-Link routers.
The discovery was made by a team of embedded device hackers who discovered a way to gain unauthenticated access to the routers admin interfaces. Allowing unwanted access to the router and enabling a malicious hacker to gain control over its functions.
D-link Router Backdoor
The D-Link routers which are affected by this backdoor access string hack include the : DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240 D-Link routers.
The hack revealed on the team’s website also explains that a couple of Planex routers have also been affected because they use the same firmware as the previous mentioned devices.
To gain access to the routers and main user interface a malicious hacker needs to change their user agent string to xmlset_roodkcableoj28840ybtide to access the router admin sections.
The /DEV/TTYS0 author, Craig, says the backdoor exists in v1.13 of the DIR-100revA products. Currently there is no protection against this backdoor hack, but it’s expected that D-Link are already working on a fix for the issue. But in the mean time its is advised that all D-Link owners disable WAN-port access to the administrative interfaces. As more information is released by D-Link we will keep you updated as always.
D-link Router Backdoor
Source: The Register : /DEV/TTYS0


Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Affiliate Network Reviews