Jump to content

D-Link Releases Router Firmware Updates for backdoor vulnerability


Matsuda

Recommended Posts

D_link_routers_firmware_security_update_

In October, A Security researcher 'Craig Heffner' discovered a backdoor vulnerability (CVE-2013-6027) with certain D-Link routers that allow cyber criminals to alter a router setting without a username or password.

Last week, D-Link has released new version of Firmware for various vulnerable router models, that patches the unauthorized administrator access backdoor. Heffner found that the web interface for some D-Link routers could be accessed if the browser's user agent string is set to xmlset_roodkcableoj28840ybtide.

From last month, D-Link was working with Heffner and other security researchers, to find out more about the backdoor and now the Company has released the updates for the following models:

· DIR-100

· DIR-120

· DI-524

· DI-524UP

· DI-604UP

· DI-604+

· DI-624S

· TM-G5240

D-link+routers+firmware+security+update.

The company advised users to do not enable the Remote Management feature, since this will allow malicious users to use this exploit from the internet and also warned to ignore unsolicited emails:

"If you receive unsolicited e-mails that relates to security vulnerabilities and prompt you to action, please ignore it. When you click on links in such e-mails, it could allow unauthorized persons to access your router. Neither D-Link nor its partners and resellers will send you unsolicited messages where you are asked to click or install something."

Readers strongly recommend to download and install the relevant updates as soon as possible for their network Security and make sure that your wireless network is secure. NMAP script was also released last month to scan and find the vulnerable routers, you can Download it for testing purpose.





search_button.gifSource

Link to comment
Share on other sites


  • Views 983
  • Created
  • Last Reply

Top Posters In This Topic

  • Matsuda

    1

Popular Days

Top Posters In This Topic

Popular Days

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...