Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet.
Discovered by Kaspersky Lab researchers, this backdoor grants an attacker access to the device's web panel, and there's no way in which device owners can disable this secret account.
The only way to protect devices from getting hacked is to avoid having the router expose its admin panel on the WAN interface, and hence, reachable from anywhere on the Internet.
To prevent abuse, Kaspersky researchers have refrained from disclosing the backdoor's account username and password.
One other vulnerability can disclose Telnet credentials
The backdoor account (CVE-2018-6213) is just one of four vulnerabilities Kaspersky researchers found in the firmware of these devices following a
recent security audit. The other three flaws include: