Control panel backdoor found in the D-Link home routers

A new post on The Register details a vulnerability in D-Link consumer-grade products that provides unauthenticated access to the units’ admin interfaces.

The backdoor means an attacker could take over all of the user-controllable functions of the popular home routers, which includes the DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240 units. According to the post on the /DEV/TTYS0 blog, a couple of Planex routers are also affected, since they use the same firmware.

A Binwalk extract of the D-Link DIR-100 firmware revealed that an unauthenticated user needs only change their user agent string to xmlset_roodkcableoj28840ybtide to access the router’s Web interface with no login required.

Read the entire article here.

read more

Labels


About

Multitel is a telecom solutions provider. We empower your telecom voice switches with e911 services, international phone numbers, texting/sms and CNAM services. Our API provides unrestricted access to our services enabling you and your customer to use and benefit from our solutions. Integration services are also available.

We proudly recommend Zoiper

Contact

Phone: 1-888-686-8581
Email: [email protected]

News

Quick Links

2014 © Multitel LLC. Privacy Policy | Terms of Service