D-Link routers have easy-to-exploit backdoor security exploit, D-Link will issue a fix by end of October


It appears several D-Link routers are experiencing security issues, as it is being reported an easy-to-exploit backdoor in the routers has been located. The exploit could allow attackers to take direct control of the router and spy on a user’s browsing activity. You may now need to watch those “videos” in a private tab if you don’t want some hacker from far away to know your secrets.

Now, with every bad news, there’s always a bit of good news. D-Link has acknowledged the problem and promised to have a fix up and ready by the end of October. We would have preferred if D-Link could move a little bit faster on that update since the end of October is about 2 weeks away. This could give hackers enough time gather enough personal information on D-Link users, such as myself.

Security researcher, Craig Heffner, first discovered the backdoor. We understand that Heffner reverse-engineered the software used to manipulate a D-Link DIR-100 router. After analyzing the code, Heffner realized if used in the right way, hackers could gain remote access to the router.

Furthermore, the same string was found to work on several other D-Link routers and a few routers from Planex. (DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and the TM-G5240) and two from Planex (BRL-04UR and BRL-04CW).

Come to think of it, there’s a chance no one might come across problems with these D-Link routers. You see; Remote Access is turned off by default, and so only advanced users who understand the use of Remote Access would have it on. All regular humans would likely have no idea the feature is even there to begin with.

Still, make sure to keep your router password protected, as anything is possible.

[via D-Link, IT World]

Related Posts