Matsuda Posted December 2, 2013 Share Posted December 2, 2013 In October, A Security researcher 'Craig Heffner' discovered a backdoor vulnerability (CVE-2013-6027) with certain D-Link routers that allow cyber criminals to alter a router setting without a username or password.Last week, D-Link has released new version of Firmware for various vulnerable router models, that patches the unauthorized administrator access backdoor. Heffner found that the web interface for some D-Link routers could be accessed if the browser's user agent string is set to xmlset_roodkcableoj28840ybtide.From last month, D-Link was working with Heffner and other security researchers, to find out more about the backdoor and now the Company has released the updates for the following models:· DIR-100· DIR-120· DI-524· DI-524UP· DI-604UP· DI-604+· DI-624S· TM-G5240 The company advised users to do not enable the Remote Management feature, since this will allow malicious users to use this exploit from the internet and also warned to ignore unsolicited emails:"If you receive unsolicited e-mails that relates to security vulnerabilities and prompt you to action, please ignore it. When you click on links in such e-mails, it could allow unauthorized persons to access your router. Neither D-Link nor its partners and resellers will send you unsolicited messages where you are asked to click or install something."Readers strongly recommend to download and install the relevant updates as soon as possible for their network Security and make sure that your wireless network is secure. NMAP script was also released last month to scan and find the vulnerable routers, you can Download it for testing purpose.Source Link to comment Share on other sites More sharing options...
Recommended Posts