Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

+ - Browser user-agent triggered backdoor found in D-Link home routers ->

Submitted by StealthHunter
StealthHunter (597677) writes "It turned out that just by setting a browsers user-agent to "xmlset_roodkcableoj28840ybtide" anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Browser user-agent triggered backdoor found in D-Link home routers

Comments Filter:

One of the chief duties of the mathematician in acting as an advisor... is to discourage... from expecting too much from mathematics. -- N. Wiener

Working...