D-Link Closes Backdoor on Some Home Routers

D-Link updates fix a flaw that could give attackers control of home/work networks.

D-Link has put out a patch to fix a security flaw that would have allowed attackers to access the administration and security settings of some home routers by modifying text in the data sent by browsers requesting HTTP connections to the router.

Patched firmware for some of the affected models is available on D-Link’s security update page.

Accessing the administration interface on a wireless router, modem or other home-access device could allow attackers to take over a remote network to attack systems connected to it, or to use it as a jumping-off point for attacks on more sensitive targets – while making it look as if D-Link owners were culprits rather than victims.

Security researcher Craig Heffner identified the vulnerability in October by discovering that adding a string of text to the data identifying a User Agent in a browser request could give almost anyone secure access to the router without knowing a password.

Models Heffner identified as containing the flaw include: DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240. Others that run the same firmware and may also be vulnerable include Planex routers BRL-04R, BRL-04UR and BRL-04CW.

D-Link issued firmware updates for six models, while warning customers to verify the version number of their hardware before installing updated firmware.

Patches are available here for the following models:

  • DI-524 Revision E1
  • DI-524 Revision E3
  • DI-524UP Revision A1
  • DI-524UP Revision A2
  • DIR-100 Revision A1
  • DIR-120 Revision A1
