DLink Routers Have a Security Backdoor
RussyRover > 25/10/2013, 11:34
Just seen this warning come through, maybe not a huge concern but you never know, especially if you have one of these...
There's bad news if you've got an Internet router made by the company DLink.
Security researchers have just found a backdoor in many of the models made by this company, which could allow someone to gain access to the router's configuration without a password.
The same firmware is also used in routers made by Planex, which are also vulnerable to the same attack.
The affected models include the DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240 units.
Check the label on the back of your router to see if you have one of these models. If you do, your Internet connection could be at risk.
By default, someone would need to be able to connect to your home network first before they could get access to the router and perform the attack. So, it is extremely important that you set a password for your Wi-Fi network if you don't already have one. This will stop casual hackers who are in the vicinity from being able to try out the attack on your system.
However, if you have configured the router so that it can be managed across the Internet, you are more at risk.
This setting will allow you to log in to your router from another PC, maybe at work, and change the configuration.
Unfortunately, that means that a hacker can also log in via the security backdoor.
Unless there is a very good reason, log in to your router's configuration screen and disable this feature. The router's documentation will tell you how to do so for your particular model.
Hopefully, DLink will address the problem soon and issue a fix for it. If you have an affected router, you should also keep an eye on the DLink website for updated firmware for your router.
You'll need to download the update, then use the router's management screen to upload it. Again, the manual will tell you how to do that for your router model.
---------------------------
Had to double check what I had, I knew it began with a D! but not a DLink luckily...