D-Link has been making routers and modems for Internet users for a long time and holds a significant portion of market. Several routers produced by D-Link have been discovered to have a critical security vulnerability. The vulnerability was posted to a website dedicated to embedded device hacking and was discovered by reverse engineering a firmware update offered by D-Link.
The security flaw could allow nefarious users access to the configuration page of the router without having to know the username and password. The person who published exploit claims that hackers can set the user-agent on their browser to a specific string, which will skip all authentication processes and log users straight into the router. Once logged in, users have access to all settings allowing them to bypass or disable security functions.
Hackers trying to exploit this vulnerability do typically have to be directly connected to the router by ethernet or Wi-Fi to be able to access the configuration page. However, if the router’s configuration page is publicly accessible the exploit could be performed remotely. The exploit is claimed to be functional on devices running firmware version 1.13.
Affected D-Link model numbers include DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240. There is reportedly no way to protect completely from this vulnerability. The best policy to prevent nefarious access is to ensure the router is running the latest firmware version available and that the router configuration page isn’t publicly accessible.