D-Link Router Backdoor Vulnerability Allows Full Access To Settings

http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/

By setting a browsers user-agent to 'xmlset_roodkcableoj28840ybtide' anyone can remotely bypass all authentication on D-Link routers.

Models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240.

 

Now this is truly astounding, a public backdoor readily available anywhere online. Must... stop... evil thoughts!

 

Tip: Every major router company:

1) Builds backdoors in

2) Has horribly vulnerable firmware

And it takes about 30 seconds to find either with basic reverse engineering skills.

 

Really, then can you spare me 30sec of your time, to see if you find any info about any backdoor or vulnerability in any DrayTek router?

 

lol

 

lol Yeah, if you want to pay for it. I'd need to have the device in front of me.

 

With questions like these surrounding more network hardware and its firmware, I'm starting to think that a virtual router might be a more secure choice, at least in regards to its integrity.

 

Oh well I thought you meant 30sec research online and voila there you go. But I guess not

 

http://www.dlink.com/uk/en/support/security

 

PFFT thats all what you got? I can do it.
Here, hold my beer.

 

D-Link to padlock router backdoor by end of October

For those than have these routers at home, read the rest of the below:
http://www.computerworld.com/s/arti..._to_padlock_router_backdoor_by_end_of_October

 

This makes it seem like the Backdoor works over the internet/WAN side as well?
http://blog.erratasec.com/2013/10/that-dlink-bug-masscan.html

 

yes, over the internet indeed... if remote access in enabled (normally OFF by default).

 

i'd like to hear what those who keep recommending router firewall only has got to say about this?

 

That you shouldn't use a D-Link router? But I'm advocating a layered approach to security, so I'm not the one who should answer you.

 

http://seclists.org/bugtraq/2005/May/322

http://it.slashdot.org/story/10/01/19/0147239/d-link-warns-of-vulnerable-routers

Don't be naive, it is not just D-link routers that have 'bugs' ...

 

thank god i don't.

 

More brands found to contain hidden “backdoors”
http://www.welivesecurity.com/2013/...ore-brands-found-to-contain-hidden-backdoors/

 

I have a DIR-615 since many years but first thing to do was to change firmware to DD-WRT. Now if DD-WRT have a backdoor is another problem but the router itself works perfect fine during this years.

 

Vulnerabilities in some Netgear router and NAS products open door to remote attacks
http://www.cso.com.au/article/52987...router_nas_products_open_door_remote_attacks/

 

New Linux worm targets routers, cameras, “Internet of things” devices
http://arstechnica.com/security/201...s-routers-cameras-internet-of-things-devices/

 

I'm so glad i changed from d-link router to Belkin Router.
NEVER again D-Link, never

 

FYI, Belkin have had some problems too unfortunately, from earlier this year.

http://www.computerworld.com/s/arti...ers_contain_critical_security_vulnerabilities

Next month reports can be about another manufacturer.

 

Yeah? BUT it showed that it did NOT affect my Belkin Router N150

affected Products >Those products were the Linksys WRT310v2, Netgear's WNDR4700, TP-Link's WR1043N, Verizon's FiOS Actiontec MI424WR-GEN3I, D-Link's DIR865L and Belkin's N300, N900 and F5D8236-4 v2 models.

 

Affected products: All of them. If you think that your router, using default firmware, doesn't have a backdoor... you're wrong. It does. Researchers find new backdoors in routers very often - one who I had talked to had found one backdoor in a few different vendors routers in just a few minutes, along with over 30 other unrelated vulnerabilities ranging from XSS to full RCE.