Skip to comments.
Backdoor found in D-Link router firmware code
Infoworld ^
| October 14, 2013
| Jeremy Kirk
Posted on 10/14/2013 8:25:58 PM PDT by NoCmpromiz
A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device's settings, a serious security problem that could be used for surveillance.
Craig Heffner, a vulnerability researcher with Tactical Network Solutions who specializes in wireless and embedded systems, found the vulnerability.
The affected models likely include D-Link's DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240 and possibly the DIR-615. The same firmware is also used in the BRL-04UR and BRL-04CW routers made by Planex, Heffner wrote.
D-Link officials could be immediately reached for comment on Monday.
(Excerpt) Read more at infoworld.com ...
TOPICS: Computers/Internet
KEYWORDS: backdoor; dlink
And how many more devices from how many more manufacturers have a similar 'undocumented feature'?
To: NoCmpromiz
2
posted on
10/14/2013 8:31:55 PM PDT
by
Paladin2
To: NoCmpromiz
Just the ones who don’t want an IRS audit, and a visit from OSHA, and a full EPA investigation, and an INS/ICE raid or two, and lose any existing government contracts, and have a bunch of kiddie porn suddenly appear on their computers.
Why do you ask?
3
posted on
10/14/2013 8:34:30 PM PDT
by
null and void
(I'm betting on an Obama Trifecta: A Nobel Peace Prize, an Impeachment, AND a War Crimes Trial...)
To: NoCmpromiz
And how many more devices from how many more manufacturers have a similar 'undocumented feature'? My guess? All of them.
4
posted on
10/14/2013 8:36:26 PM PDT
by
ThunderSleeps
(Stop obarma now! Stop the hussein - insane agenda!)
To: NoCmpromiz
I have the D-Link 615 with DD-WRT.
5
posted on
10/14/2013 8:40:40 PM PDT
by
steve86
(Some things aren't really true but you wouldn't be half surprised if they were.)
To: NoCmpromiz; COUNTrecount; Nowhere Man; FightThePower!; C. Edmund Wright; jacob allen; ...
Nut-job Conspiracy Theory Ping!
To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...
6
posted on
10/14/2013 8:41:18 PM PDT
by
null and void
(I'm betting on an Obama Trifecta: A Nobel Peace Prize, an Impeachment, AND a War Crimes Trial...)
To: NoCmpromiz
Hmm. This reminds me of Inslaw’s “Promis” program.
To: NoCmpromiz
xmlset_roodkcableoj28840ybtide Curiously, if the second half of the user agent string is reversed and the number is removed, it reads "edit by joel backdoor," suggesting it was intentionally placed there.
Sure enough.
8
posted on
10/14/2013 8:43:20 PM PDT
by
steve86
(Some things aren't really true but you wouldn't be half surprised if they were.)
To: steve86
I have the D-Link 615 with DD-WRT. Doubtful there's a backdoor there!
9
posted on
10/14/2013 8:45:18 PM PDT
by
quimby
To: steve86
10
posted on
10/14/2013 8:49:58 PM PDT
by
NonValueAdded
(Occupy the DC Mall - take back the monuments)
To: NoCmpromiz
Grrrr. I don't mind avoid D-Link for my future purchases as they have abused my trust. But who these days provides trustworthy hardware?
11
posted on
10/14/2013 8:52:00 PM PDT
by
so_real
( "The Congress of the United States recommends and approves the Holy Bible for use in all schools.")
To: NoCmpromiz
I bet we find out a lot more routers have such firmware problems. “features” if you’re the nsa.
12
posted on
10/14/2013 8:53:24 PM PDT
by
Secret Agent Man
(Gone Galt; Not averse to Going Bronson.)
To: NoCmpromiz
Who doesn't have an old link sys?
I don't have that string in my registry. I guess that means I'm ok.
13
posted on
10/14/2013 8:56:33 PM PDT
by
Slump Tester
(What if I'm pregnant Teddy? Errr-ahh -Calm down Mary Jo, we'll cross that bridge when we come to it)
To: Slump Tester
I don't have that string in my registry.As I understood the article, that string is in the router firmware so it wouldn't show in your Windoze registry...
14
posted on
10/14/2013 9:01:24 PM PDT
by
NoCmpromiz
(John 14:6 is a non-pluralistic comment.)
To: steve86
DD-WRT... is a good thing. Have it on both my routers. Make sure you change the default Admin and pass word...
15
posted on
10/14/2013 9:04:20 PM PDT
by
NoCmpromiz
(John 14:6 is a non-pluralistic comment.)
To: null and void
Why do you ask?Oh... just curious ;-)
And, you should have said 'and have a bunch of kiddie porn suddenly appear on their computers minutes before a no-knock raid by vice squad cops acting on an anonymous phoned in tip..'
;-)
16
posted on
10/14/2013 9:10:43 PM PDT
by
NoCmpromiz
(John 14:6 is a non-pluralistic comment.)
To: NoCmpromiz
17
posted on
10/14/2013 9:12:24 PM PDT
by
null and void
(I'm betting on an Obama Trifecta: A Nobel Peace Prize, an Impeachment, AND a War Crimes Trial...)
To: null and void
It’s ok to remain seated...
18
posted on
10/14/2013 9:14:20 PM PDT
by
NoCmpromiz
(John 14:6 is a non-pluralistic comment.)
To: NoCmpromiz
Good catch. I wasn’t paying enough attention to what I was reading.
19
posted on
10/15/2013 8:38:49 AM PDT
by
Slump Tester
(What if I'm pregnant Teddy? Errr-ahh -Calm down Mary Jo, we'll cross that bridge when we come to it)
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson