Yesterday it was revealed that a backdoor had been discovered in a variety of D-Link routers, allowing easy access to the admin sections of the user interface.
D-Link, the manufacturer of the routers, has today announced that it is developing a fix to correct the insecure access issue and will be rolling it out to owners before the end of the month.
The backdoor security issue, which was discovered in some D-Link routers, allows attackers to change settings within the admin section without the need for a username or password. Access is granted by a backdoor function that had been built into the firmware of some routers and that bypasses the authentication system.
The D-Link routers affected by this backdoor access string include the DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240.
Vulnerability researcher Craig Heffner discovered the issue and reported it over the weekend, explaining that:
“If your browser’s user agent string is ‘xmlset_roodkcableoj28840ybtide’ (no quotes), you can access the web interface without any authentication and view/change the device settings.” “When read in reverse, the last part of this hard-coded value is ‘edit by 04882 joel backdoor.’”
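As an added example (not from the original article, the researcher or D-Link), the following Python script scans web proxy or gateway logs for requests carrying the User-Agent string quoted above. It assumes the logs are in Combined Log Format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Hard-coded User-Agent value quoted in the article.
BACKDOOR_UA = "xmlset_roodkcableoj28840ybtide"

# Combined Log Format (an assumption about the log source):
# client ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:09:12:01 +0000] "GET / HTTP/1.1" 401 512 "-" "Mozilla/5.0 (Windows NT 6.1)"
198.51.100.7 - - [01/Jan/2024:09:13:44 +0000] "GET / HTTP/1.1" 200 4096 "-" "xmlset_roodkcableoj28840ybtide"
198.51.100.7 - - [01/Jan/2024:09:13:50 +0000] "POST / HTTP/1.1" 200 128 "-" "xmlset_roodkcableoj28840ybtide"
203.0.113.5 - - [01/Jan/2024:09:20:00 +0000] "GET / HTTP/1.1" 401 512 "-" "scanner xmlset_roodkcableoj28840ybtide test"
this line is not in the expected format
"""

def find_backdoor_requests(lines):
    """Return a dict for every parsed request whose User-Agent contains the string."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        m = LOG_RE.match(line.strip())
        if not m or BACKDOOR_UA not in m["ua"]:
            continue  # unparsable line or ordinary User-Agent
        hits.append({
            "line": lineno,
            "client": m["client"],
            "time": m["time"],
            "request": m["request"],
            "exact": m["ua"] == BACKDOOR_UA,        # header is the string and nothing else
            "served": m["status"].startswith("2"),  # 2xx: the request was answered
        })
    return hits

def clients_by_hits(hits):
    """Count matching requests per client address, busiest first."""
    return Counter(h["client"] for h in hits).most_common()

if __name__ == "__main__":
    found = find_backdoor_requests(SAMPLE_LOG.splitlines())
    for h in found:
        print(h)
    print(clients_by_hits(found))
```

Hits marked `served` are the ones to review first, since the request was answered rather than rejected.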
When D-Link releases a new firmware fix for the backdoor issue, we will keep you updated as always.
Source: Computer World