D-Link Router Security Problem
On Nov. 28, D-Link released a series of updates to fix the problem. Updates are available for the following models:
A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device’s settings, a serious security problem that could be used for surveillance.
Craig Heffner, a vulnerability researcher with Tactical Network Solutions who specializes in wireless and embedded systems, found the vulnerability. Heffner wrote on his blog that the web interface for some D-Link routers could be accessed if a browser’s user agent string is set to “xmlset_roodkcableoj28840ybtide.–InfoWorld.com
D-Link will address by the end of October a security issue in some of its routers that could allow attackers to change the device settings without requiring a username and password.
The issue consists of a backdoor-type function built into the firmware of some D-Link routers that can be used to bypass the normal authentication procedure on their Web-based user interfaces.–
…D-Link will release firmware updates to address the vulnerability in affected routers by the end of October, the networking equipment manufacturer said via email.
The updates will be listed on a security page on the D-Link website and in the download section of the support page for each affected product.
About The Pit Crew
PC Pitstop's Pit Crew is committed to providing you with the information you need to keep your PC safe and running like new.