D-Link Router Backdoor Vulnerability Allows Full Access To Settings

Discussion in 'other security issues & news' started by Malcontent, Oct 14, 2013.

Thread Status:
Not open for further replies.
  1. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Now this is truly astounding, a public backdoor readily available anywhere online. Must... stop... evil thoughts! :ninja:
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Tip: Every major router company:

    1) Builds backdoors in

    2) Has horribly vulnerable firmware

    And it takes about 30 seconds to find either with basic reverse engineering skills.
     
  4. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Really, then can you spare me 30sec of your time, to see if you find any info about any backdoor or vulnerability in any DrayTek router? :D
     
  5. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    :D :D lol :thumb:
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    lol Yeah, if you want to pay for it. I'd need to have the device in front of me.
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    With questions like these surrounding more network hardware and its firmware, I'm starting to think that a virtual router might be a more secure choice, at least in regards to its integrity.
     
  8. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Oh well I thought you meant 30sec research online and voila there you go. But I guess not :D
     
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    http://www.dlink.com/uk/en/support/security
     
  10. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    PFFT thats all what you got? I can do it.
    Here, hold my beer. :D
     
  11. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    D-Link to padlock router backdoor by end of October
    For those than have these routers at home, read the rest of the below:
    http://www.computerworld.com/s/arti..._to_padlock_router_backdoor_by_end_of_October
     
  12. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
  13. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    yes, over the internet indeed... if remote access in enabled (normally OFF by default).
     
  14. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    758
    i'd like to hear what those who keep recommending router firewall only has got to say about this? :p
     
  15. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    That you shouldn't use a D-Link router? ;) But I'm advocating a layered approach to security, so I'm not the one who should answer you. :D
     
  16. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
  17. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    758
    :D thank god i don't.
     
  18. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  19. burebista

    burebista Registered Member

    Joined:
    Mar 4, 2010
    Posts:
    208
    Location:
    Romania
    I have a DIR-615 since many years but first thing to do was to change firmware to DD-WRT. Now if DD-WRT have a backdoor is another problem but the router itself works perfect fine during this years.
     
  20. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  21. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  22. SnowFlakes

    SnowFlakes Registered Member

    Joined:
    Jun 29, 2011
    Posts:
    194
    I'm so glad i changed from d-link router to Belkin Router.
    NEVER again D-Link, never
     
  23. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    FYI, Belkin have had some problems too unfortunately, from earlier this year.
    http://www.computerworld.com/s/arti...ers_contain_critical_security_vulnerabilities

    Next month reports can be about another manufacturer.
     
  24. SnowFlakes

    SnowFlakes Registered Member

    Joined:
    Jun 29, 2011
    Posts:
    194
    Yeah? BUT it showed that it did NOT affect my Belkin Router N150 ;)

    affected Products >Those products were the Linksys WRT310v2, Netgear's WNDR4700, TP-Link's WR1043N, Verizon's FiOS Actiontec MI424WR-GEN3I, D-Link's DIR865L and Belkin's N300, N900 and F5D8236-4 v2 models.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Affected products: All of them. If you think that your router, using default firmware, doesn't have a backdoor... you're wrong. It does. Researchers find new backdoors in routers very often - one who I had talked to had found one backdoor in a few different vendors routers in just a few minutes, along with over 30 other unrelated vulnerabilities ranging from XSS to full RCE.
     
Loading...
Thread Status:
Not open for further replies.