Site icon IT World Canada

Firmware flaw allows hack attack of D-Link routers, other devices

lock on blue background, IT security

A recently published proof-of-concept exploit illustrates how a certain D-Link router model could be vulnerable to hackers intent in hijacking user traffic.

Todor Doney, a member of Ethical Hacker, a Bulgaria-based security research group, created the exploit, according to report.

Doney said the vulnerability could affect other devices from D-Link as well as routers from other manufacturers.

The exploit demonstrated how a flaw in the DSL-2740R router, a dual function ADSL modem/wireless router from D-Link, allows hackers to alter the device’s domain name system (DNS) settings and lets the attackers hijack user traffic.

Doney said the weakness likely affects devices from other manufacturers as well because it is found in a popular firmware.

The online support site of D-Link said the particular model has been phased out. But although the device is no longer sold, it might still receive support if it is covered by a warranty.

Doney said the vulnerability is in ZynOS, a router firmware made by ZyXEL Communications. Its products are used by many network equipment manufacturers including D-Link, TP-Link and ZTE.

Read the whole story here

 

Exit mobile version