D-Link Routers Vulnerable To DNS Hijacking

An anonymous reader writes At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered. Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Link's DSL-2740R ADSL modem/wireless router. The firmware in question is implemented in many networking equipment manufactured by D-Link, TP-Link Technologies and ZTE.

Why leave remote administration on?

[ciscoguy01]

Why leave remote administration on?
I would avoid opening the web UI of any home router on the WAN side.
It's mostly unnecessary and a needless security exposure.