D-Link Releases Router Firmware Updates for backdoor vulnerability !!! In October, A Security researcher Craig Heffner discovered a backdoor vulnerability (CVE-2013-6027) with certain D-Link routers that allow cyber criminals to alter a router setting without a username or password. Last week, D-Link has released new version of Firmware for various vulnerable router models, that patches the unauthorized administrator access backdoor. Heffner found that the web interface for some D-Link routers could be accessed if the browsers user agent string is set to xmlset_roodkcableoj28840ybtide. From last month, D-Link was working with Heffner and other security researchers, to find out more about the backdoor and now the Company has released the updates for the following models: DIR-100 DIR-120 DI-524 DI-524UP DI-604UP DI-604+ DI-624S TM-G5240 The company advised users to do not enable the Remote Management feature, since this will allow malicious users to use this exploit from the internet and also warned to ignore unsolicited emails.
Posted on: Tue, 03 Dec 2013 11:17:12 +0000
Trending Topics
Recently Viewed Topics
© 2015