When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

D-Link Leaves Critical Hole Open for 5 Months, And Counting

Security vulnerability discoveries were reported last February to D-Link and surprisingly they still have not been fixed yet! The vulnerability allows remote code to be executed through the routersfirmware potentially leaving affected customers vulnerable to attack.The vulnerability can give an attacker complete control over any andall network traffic.

The effected products are:

  • DI-524 (Wireless)
  • DI-604*
  • DI-624 (Wireless)
  • DI-784* (Wireless)
  • EBR-2310*
  • WBR-1310 (Wireless)
  • WBR-2310 (Wireless)
*(Denotes firmware update available)

D-Linkhas hardly said a word publicly about the issue and has only patched asmall portion of the devices affected. In fact the only word directlyfrom D-Link is from a supposed support staff member in a post on the
DSLReports.com forums.According to that person the issue has to do with UPnP, a LAN sideprotocol thus reasoning that the problem isn't susceptible to WAN orinternet side attacks.

Unfortunately because some of theeffected routers are wireless it isn't unlikely that an attacker mightcompromise the router by gaining access to the wireless portion of therouter and injecting malicious code. Even secured wireless routersaren't foolproof and given enough time and resources these too can becompromised. The only advice that can be given at this point fromsecurity researchers is to discontinue using the affected routers untila fix is published by D-Link as there is nothing the consumer can to domitigate the issue themselves.

D-Link was also recently in the news when its engineers began using a FreeBSD NTP top level server as the primary time server for its devices. The issue was solved eventually, and new routers stopped using the NTP server.

News source: DailyTech

Report a problem with article
Next Article

Security Researcher Goes Public with MSN and Amazon Flaws

Previous Article

Taskbar Button Manager 2.1 - re-order your taskbar buttons

Join the conversation!

Login or Sign Up to read and post a comment.

1 Comment - Add comment