D-Link router backdoor vulnerability allows full access to settings

By on October 13, 2013, 3:30 PM
router, d-link, security, vulnerability, backdoor

If you have a D-Link router, you should be particularly cautious as a fairly serious vulnerability has been discovered. A writer from embedded device hacking website /dev/ttyS0 was looking through the firmware for a D-Link DIR-100 router, and found something unusual. After a small bit of reverse engineering, a backdoor to the D-Link router was uncovered, allowing full access to the router's web configuration interface.

The worrying part about this vulnerability is how it can be exploited. Anyone connected to the router, whether it's through Ethernet or Wi-Fi, can simply set their browser's user agent string to a specific codeword and then attempt to access the web configuration panel. The router will then detect the string and skip its standard authentication practices, allowing full access without needing to log in.

Only a certain selection of routers are known to be affected, all which use the DIR-100 firmware, but there's the possibility that firmware for other D-Link routers also includes backdoor code.

Currently there is no way to stop this type of vulnerability from being exploited, other than preventing shady characters from connecting to your network. While the implications aren't as serious for home networks, any small businesses that use an affected D-Link router, while allowing public access for free Wi-Fi (for example), could find themsevles in a bit of strife.

The backdoor has likely been coded in for maintenance reasons, although D-Link hasn't explicitly stated the reasons behind the its inclusion. Hopefully the company can resolve the security issues presented here swiftly, before malicious users harness its potential in the wild.




User Comments: 17

Got something to say? Post a comment
1 person liked this | Seventh Reign Seventh Reign said:

*Sniff*nsa*Sniff*

Guest said:

The NSA have their foot in every door.

Guest said:

D-Link sucks anyway

Guest said:

Anyone silly enough to use d-stink hardware deserved it

tipstir tipstir, TS Ambassador, said:

The had issues closing port 113. I've stopped using anything from DLINK.

veLa veLa said:

Good thing I would never use D-Link

Guest said:

Can you say DD-WRT?

Guest said:

Why didn't Edward Snowed-in warn us that the NSA had backdoors in Dlink firmware?

Coz he couldn't cash in out that one. Damn traitor.

misor misor said:

Hehehe. did some u.s. officials allege that some Chinese tech products made by Huawei are a threat to u.s. national security due to backdoor vulnerabilities? maybe all these 'backdoors' are at the corresponding government's request.

spencer spencer said:

Why didn't Edward Snowed-in warn us that the NSA had backdoors in Dlink firmware?

Coz he couldn't cash in out that one. Damn traitor.

He said the nsa has been building backdoors in software in general practically everything. Think of it all they have to do is insert one highly skilled developer into the company they choose and the backdoor is there.

Guest said:

The U.S. Constitution is written in plain enough language that most of us can read and understand it. When you compare our governments actions and Mr. Snowden's actions against that document, are you really sure who the traitor is?

...I'm not.

Night Hacker Night Hacker said:

Anyone silly enough to use d-stink hardware deserved it

How the hell do I "deserve it"?! It is inexpensive and works for me. I can't stand people like you who berate others like this. I know a lot of very good people who know very little about computers who would probably use this hardware and they most certainly do not "deserve it"! I can see why you hide behind the "guest" feature, coward.

Guest said:

My d-link blocks random connections. Iv checked the settings which show no security whatsoever enabled. Random connections dont get blocked when im plugged directly into my modem, so I know it doesnt have to do with my isp. My next router wont be d-link.

JC713 JC713 said:

Glad I dont have a Dlink router.

Guest said:

Agreed. D-Link is a shitty company with crappy hardware. Their routers can't even process a few UDP packets for a couple of minutes without crashing horribly. What a worthless company. It still amazes me how such a company can stay in business for so long.

Guest said:

@ previous Guest : Probably due to NSA funding. :p

Of course I wouldn't be surprised if reverse engineers continue discovering more backdoors in common hardware and software. Windows, now D-Link, what's next? It's getting closer and closer to the Open Source revolution.

gobbybobby said:

The router pictured I see alot. Taped to the ceiling in Train stations, schools, airports, there used widely.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.