October 15, 2013 weblog
D-Link to issue router firmware updates for backdoor vulnerability

D-Link is tending to the backdoor security issue that affects some of its routers. The company assures that it is "proactively working with the sources of these reports as well as continuing to review across the complete product line to ensure that the vulnerabilities discovered are addressed." The drama began on Saturday night, when it was discovered, thanks to Craig Heffner, a vulnerability researcher with Tactical Network Solutions, that a backdoor-type function built into the firmware of some D-Link routers could be used to bypass standard authentication procedures. The function could be used to gain control of the device, potentially giving a criminal unauthorized access to a router's admin settings.
that it is releasing firmware updates to address the vulnerability in affected routers. "Security and performance is of the utmost importance to D-Link across all product lines," D-Link said on its website.
D-Link is presently working with Heffner and other researchers to learn more about the vulnerability. D-Link said it is also continuing to review its entire product line to make sure vulnerabilities are addressed. "We are proactively working with the sources of these reports," the company said in a statement.
As of this writing, D-Link had already posted a number of patches on its security page to address the vulnerability. The page is titled "Update on Router Security issue." The company said that "Various media reports have recently been published relating to vulnerabilities in network routers, including D-Link devices."
The company released firmware updates for the DIR-300, DIR-600, DIR-615, DIR-645, DIR-815, DIR-845L, DIR-865L, DSL-320B and DSL-321B.
"These firmware updates address the security vulnerabilities in affected D-Link routers," the page stated. "D-Link will update this continually and we strongly recommend all users to install the relevant updates."
The company also advised against responding to unsolicited e-mails related to security vulnerabilities prompting the user to take action.
"When you click on links in such e-mails, it could allow unauthorized persons to access your router. Neither D-Link nor its partners and resellers will send you unsolicited messages where you are asked to click or install something." D-Link also suggested disabling remote access to the router if it is not required.