StealthHunter writes “It turned out that just by setting a browsers user-agent to ‘xmlset_roodkcableoj28840ybtide’ anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240.” Read more of this story at Slashdot.
Visit site:
D-Link Router Backdoor Vulnerability Allows Full Access To Settings