D-Link patches critical router flaws2015-03-05 09:53 by Daniela
Tags: D-Link, router, security, bug
Router manufacturer D-Link has announced that it will patch critical remote access flaws found in several models of its router product line. Among the affected devices are: DIR-626L, DIR-636L, DIR-808L, DIR-810L, DIR-820L, DIR-826L, DIR-830L and DIR-836L. The company is expected to release firmware updates for those models later this week.
"First vulnerability reportedly relates to a malicious user who might be connected to the LAN-side of the device to use the devices upload utility to load malicious code without authentication. A second vulnerability reportedly relates to the device's ping utility that might permit command injection without authentication. A third vulnerability reportedly may exploit certain chipset utilities in firmware to potentially permit a malicious user an attack disclosing information about the devices configuration," D-Link noted in a security advisory released on Monday.
Until the patches are released, users can protect themselves from attacks by checking the router's history for unauthorized access, encrypt Wi-Fi connections, and check regularly for firmware updates.
According to the company, some attacks can be blocked by disabling the remote management feature that can provide access to a router's settings. By default, the capability is turned off.
Read more -here-