Control panel backdoor found in the D-Link home routers
A new post on The Register details a vulnerability in D-Link consumer-grade products that provides unauthenticated access to the units’ admin interfaces.
The backdoor means an attacker could take over all of the user-controllable functions of the popular home routers, which includes the DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240 units. According to the post on the /DEV/TTYS0 blog, a couple of Planex routers are also affected, since they use the same firmware.
A Binwalk extract of the D-Link DIR-100 firmware revealed that an unauthenticated user needs only change their user agent string to xmlset_roodkcableoj28840ybtide to access the router’s Web interface with no login required.
Read the entire article here.
Similar Articles
Control panel backdoor found in the D-Link home routers
READ MOREWireless spectrum needs to be used, Ottawa warns telecoms
READ MOREU.S. FCC to wireless carriers: agree on phone unlocking policy or face rules
READ MOREBangladesh regulator gives the green light for number portability, launch planned end of this year
READ MOREMoldova offering phone number portability
READ MORE