Online Computer Tips Home
Home All Tips OCT Newsletter Free Tutorials Tech News Resources

Monday, October 14, 2013

Backdoor vulnerability found in D-Link routers

Posted by David Bernstein

If you have a broadband internet connection at home you most likely have a router between your modem and computer, or at least you should have one. Even if you don’t use a wireless connection you should have a router to get an extra layer of security to protect you from the outside world.

There are a handful of top brands of routers you will find in your local electronics store such as Netgear, Belkin and Linksys. There is one major brand (D-Link) that has recently been discovered to have a security hole that can allow remote code execution and allow the hacker to login to the router without knowing the name or password. After they are in they can do things such as change the router’s settings and redirect computers to malicious websites. A researcher from Tactical Network Solutions named Craig Heffner discovered the vulnerability out of boredom while reverse engineering the web server software contained in the router’s firmware.

This security hole does not affect all D-Link routers. The most likely affected models include the DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240 and possibly DIR-615. The BRL-04UR and BRL-04CW routers made by Planex Communications might also be vulnerable because they also appear to use the same firmware. D-Link plans on having the issue fixed by Halloween.