An interesting report on Dailytech indicates that a critical security hole affecting certain D-Link routers remains unfixed after several months, with little to no sign that the company plans to update the products' firmware and resolve the problem. The affected products are: DI-524 (Wireless), DI-604*, DI-624 (Wireless), DI-784* (Wireless), EBR-2310*, WBR-1310 (Wireless), WBR-2310 (Wireless). * Denotes firmware update available.
The vulnerability allows remote code to be executed through the routers firmware potentially leaving affected customers vulnerable to attack. The vulnerability can give an attacker complete control over any and all network traffic.
This is a very serious issue being overlooked by one of the largest home router providers. Reportedly, the bug only affects the LAN part of the router, however because some of them offer wireless capabilities, there is still room for compromising the connection.