If you have a D-Link router, you should be particularly cautious as a fairly serious vulnerability has been discovered. A writer from embedded device hacking website /dev/ttyS0 was looking through the firmware for a D-Link DIR-100 router, and found something unusual. After a small bit of reverse engineering, a backdoor to the D-Link router was uncovered, allowing full access to the router's web configuration interface.
The worrying part about this vulnerability is how it can be exploited. Anyone connected to the router, whether it's through Ethernet or Wi-Fi, can simply set their browser's user agent string to a specific codeword and then attempt to access the web configuration panel. The router will then detect the string and skip its standard authentication practices, allowing full access without needing to log in.
Only a certain selection of routers are known to be affected, all which use the DIR-100 firmware, but there's the possibility that firmware for other D-Link routers also includes backdoor code.
Currently there is no way to stop this type of vulnerability from being exploited, other than preventing shady characters from connecting to your network. While the implications aren't as serious for home networks, any small businesses that use an affected D-Link router, while allowing public access for free Wi-Fi (for example), could find themsevles in a bit of strife.
The backdoor has likely been coded in for maintenance reasons, although D-Link hasn't explicitly stated the reasons behind the its inclusion. Hopefully the company can resolve the security issues presented here swiftly, before malicious users harness its potential in the wild.
