Slashdot Mirror

← Back to Stories (view on slashdot.org)

D-Link Router Backdoor Vulnerability Allows Full Access To Settings

Posted by samzenpus on Sunday October 13, 2013 @03:07PM from the protect-ya-neck dept.

StealthHunter writes "It turned out that just by setting a browsers user-agent to 'xmlset_roodkcableoj28840ybtide' anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240."

4 of 228 comments (clear)

Min score:

Reason:

Sort:

discipline by Moblaster · 2013-10-13 15:40 · Score: 5, Funny

The Beatings Will Continue... Until the Firmware Improves.
xmlset_roodkcableoj28840ybtide by Alsee · 2013-10-13 16:17 · Score: 4, Funny

Heay!
That's the combination on my luggage!
-

--
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Re:edited by 04882 Joel backdoor by jamesh · 2013-10-13 18:41 · Score: 4, Funny

All this time we were running around blaming the NSA, when it was Joel all along!
Re:Cisco by cjjjer · 2013-10-14 02:19 · Score: 5, Funny

Remind me never to pick you as a team-mate for Trivial Pursuit.