Gandalf_The_Grey
Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,364
Several routers from D-Link contain a "hidden backdoor" that allows attackers to log into the devices, Taiwan's Computer Emergency Response Team (TWCERT) warns. Firmware updates have been released to fix the problem.
"Certain models of D-Link Wi-Fi routers contain an unlisted factory test backdoor. Unauthenticated attackers on the local network can enable Telnet via a special url and then log in via the admin login credentials found in the firmware," according to the Taiwanese government agency's explanation. According to D-Link's description, this is a path traversal vulnerability, although it could also be an error in the description, as the same security bulletin describes another path traversal vulnerability.
Translated with DeepL.com (free version)