Backdoor found in D-Link home routers
- 14 October 2013
- From the section Technology
An easy-to-exploit backdoor has been found in seven different models of domestic routers made by D-Link and Planex.
The backdoor, if used, would let an attacker take complete control of a router or modem and spy on a home's browsing activity.
D-Link has acknowledged the existence of the backdoor and said a fix would be available by the end of October.
So far, the backdoor does not seem to have been exploited "in the wild".
The backdoor was discovered by security researcher Craig Heffner, who reverse-engineered the software used to control a D-Link DIR-100 router. Deep analysis of the code revealed a string of letters that, if used in the right way, unlocked remote access to the gadget.
Writing about his findings on his blog, Mr Heffner speculated that the password string was included to make it easier for D-Link to remotely update some of its products.
The same string has been found to work on seven D-Link routers (DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and the TM-G5240) and two from Planex (BRL-04UR and BRL-04CW).
Many thousands of people are believed to have bought the routers before they were revealed to be vulnerable.
In a statement, D-Link said it was working with Mr Heffner and other security researchers to find out more about the backdoor. It added it was also conducting a review of its other products to see if it was present in other models.
In addition it said that it would soon produce a update for the software that keeps the routers running, known as firmware, that would close the backdoor. The company urged users to be vigilant and to disable remote access to their router if it was not needed.
However, Mr Heffner's employer, Tactical Network Solutions, denied that D-Link was working with either the vulnerability researcher or anyone else in the company.
Planex has yet to issue a statement about its products.