Backdoor In To Selected D-Link Routers Revealed

Internet security is something that we [in a good way] get shoved towards us all the time, however it has been revealed that a number of D-Link routers have a vulnerable back-door gateway built into their firmware that can potentially allow unwanted users from gaining access to the units web management interface and therefore potentially the rest of your network.

Whilst looking through the firmware code for a DIR-100 router, a blogger from /dev/ttySO stumbled across the potentially fatal piece of coding that allows this access to be made. Using a specific string of code and connecting to the router via a wired or wireless connection, the reverse engineered back-door allowed the standard security authentication to be bypassed and full access granted.

To narrow down the vulnerability, only units that run on the DIR-100 firmware are known to be affected, however with many ISPs providing their users with D-Link equipment, both to residential and business customers, the potential for a security breach in the likes of public areas is unthinkable.

After some research it has been calculated that the following units are likely to be affected:

  • DIR-100
  • DI-524
  • DI-524UP
  • DI-604S
  • DI-604UP
  • DI-604+
  • TM-G5240

Additionally, several Planex routers also appear to use the same firmware:

  • BRL-04UR
  • BRL-04CW

Even more worryingly it has been reported that some versions of the DIR-615 may be affected as used by Virgin Mobile, although this has yet to be verified.

Whether or not this back door was supposed to placed within the firmware is yet to be disclosed by D-Link, however I’m sure their firmware coding teams will be hot on the case to ensure that this security breach doesn’t affect the reputation of D-Link in the long run and a major security outbreak runs wild.

Source: /dev/ttySO