D-Link issues firmware updates to fix security vulnerability

Various D-Link routers allow administrative web actions if the HTTP request contains a specific User-Agent string. This backdoor allows an attacker to bypass password authentication and access the router’s administrative web interface. Planex and Alpha Networks devices may also be affected, please contact these vendors directly at their regional websites.

Remote Management is default disabled on all D-Link Routers and is included for customer care troubleshooting if useful and the customer enables it.

Read the full advisory here – http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10001

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top