|
|
Monday, October 14, 2013
|
D-Link To Patch Router Backdoor
|
|
You are sending an email that contains the article
and a private message for your recipient(s). |
| Your Name: |
|
| Your e-mail: |
* Required! |
| Recipient (e-mail): |
* |
| Subject: |
* |
| Introductory Message: |
|
HTML/Text
(Photo: Yes/No) |
(At the moment, only Text is allowed...)
|
| |
|
| Message Text: |
D-Link will release firmware updates to address a reported vulnerability in some of its routers by the end of October, the networking equipment manufacturer said today.
The security issue in some of D-Link's routers that could allow attackers to change the device settings without requiring a username and password. A backdoor-type function built into the firmware of some D-Link routers could be used to bypass the normal authentication procedure on their Web-based user interfaces according to Craig Heffner, a vulnerability researcher with Tactical Network Solutions.
According to Heffner, the affected models likely include D-Link's DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240 and possibly DIR-615. The BRL-04UR and BRL-04CW routers made by Planex Communications might also be vulnerable because they also appear to use the same firmware, he said.
The firmware updates will be listed on a security page on the D-Link website.
D-Link said that owners of affected devices can minimize any potential risk by ensuring that their router has the Wi-Fi password enabled and that remote access is disabled. In addition, users should not tale any action if they receive unsolicited e-mails that relate to security vulnerabilities.
|
|
|
|
|