Slashdot Mirror

← Back to Stories (view on slashdot.org)

D-Link Router Backdoor Vulnerability Allows Full Access To Settings

Posted by samzenpus on from the protect-ya-neck dept.

StealthHunter writes "It turned out that just by setting a browsers user-agent to 'xmlset_roodkcableoj28840ybtide' anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240."

5 of 228 comments (clear)

  1. discipline by Moblaster · · Score: 5, Funny

    The Beatings Will Continue... Until the Firmware Improves.

  2. xmlset_roodkcableoj28840ybtide by Alsee · · Score: 4, Funny

    Heay!
    That's the combination on my luggage!

    -

    --
    - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  3. Re:edited by 04882 Joel backdoor by jamesh · · Score: 4, Funny

    All this time we were running around blaming the NSA, when it was Joel all along!

  4. Re:Will this stupidity ever end? by kestasjk · · Score: 3, Funny

    Oh yeah, hell hath no fury like a D-Link customer scorned; when they find out their cheap disposable routers have a flaw in them they'll need to send in the army.

    --
    // MD_Update(&m,buf,j);
  5. Re:Cisco by cjjjer · · Score: 5, Funny

    Remind me never to pick you as a team-mate for Trivial Pursuit.