When every hacker worth his salt has claimed to hack big websites and government portals, are your Wi-Fi devices safe? The basic entry point of any router is its configuration page. It seems that hackers have been exploiting a big hole in D-Link routers to access your Wi-Fi network without any authentication. Moreover, the hacker can block or edit your own settings without your knowledge.
This is possible through reverse engineering the firmware of the D-Link routers. It was discovered by /dev/ttyS0, a website dedicated to embedded device hacking. As said above, the vulnerability allows the hacker to get full access to the router’s configuration page, even if the hacker doesn’t know the username or password for it. This is achieved by setting the browser’s user-agent to a certain string. With this, the device skips authentication and simply logs you in, giving the hacker full access.
What the author did was latch on to firmware v1.13 for the DIR-100 revA. This firmware is used by the following D-Link devices, which are likely to have this vulnerability:
Additionally, the following Planex routers, manufactured and marketed in Japan and the United States, use the same firmware and are also likely to have the same loophole.
The author accessed the D-Link router using the user-agent string “xmlset_roodkcableoj28840ybtide” (no quotes) and could reach pretty much everything without any authentication, viewing and changing the device settings. The only requirement is that the hacker has to connect to your router, either through Wi-Fi or Ethernet. Imagine you are using the above versions of D-Link routers and your Wi-Fi falls into the wrong hands. The only thing that protects you from this vulnerability is getting yourself the latest, secure D-Link router or a router of any other make.
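Because the trigger is a fixed User-Agent value, requests carrying it are easy to flag in HTTP logs. The following is an added example, not code from the original article or from /dev/ttyS0; it assumes "combined" format access-log lines from a proxy or sensor that sees traffic to the router's configuration page, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# User-Agent value quoted in the article.
BACKDOOR_UA = "xmlset_roodkcableoj28840ybtide"

# Assumption: "combined" format access-log lines from a proxy or sensor
# that sees HTTP traffic going to the router's configuration page.
COMBINED = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<req>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?:[^"\\]|\\.)*" "(?P<ua>(?:[^"\\]|\\.)*)"\s*$'
)


def find_backdoor_requests(lines):
    """Return {source: [(timestamp, request, status), ...]} for flagged lines."""
    hits = defaultdict(list)
    for line in lines:
        m = COMBINED.match(line)
        if m is None:
            continue  # not a combined-format line; ignore it
        # Case-insensitive substring match, chosen so the string is also
        # flagged when it is embedded in a longer User-Agent value.
        if BACKDOOR_UA in m.group("ua").lower():
            hits[m.group("src")].append(
                (m.group("ts"), m.group("req"), int(m.group("status")))
            )
    return dict(hits)


# Constructed sample lines (addresses, times and paths are made up).
SAMPLE_LOG = [
    '192.168.0.23 - - [01/Jan/2024:09:12:01 +0000] "GET / HTTP/1.1" 401 0 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '192.168.0.57 - - [01/Jan/2024:09:14:37 +0000] "GET / HTTP/1.1" 200 5120 "-" "xmlset_roodkcableoj28840ybtide"',
    '192.168.0.57 - - [01/Jan/2024:09:15:02 +0000] "POST / HTTP/1.1" 200 310 "-" "Mozilla/5.0 XMLSET_roodkcableoj28840ybtide"',
    'truncated line without the expected fields',
]

if __name__ == "__main__":
    for src, events in find_backdoor_requests(SAMPLE_LOG).items():
        for ts, req, status in events:
            # A 2xx status on a flagged request deserves priority review.
            print(f"ALERT src={src} time={ts} request={req!r} status={status}")
```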
The above-mentioned routers are being phased out by D-Link, so there are no immediate worries, but you can't expect D-Link to release a firmware update to plug this vulnerability. If you own any of them, you are advised to ditch it and get a new one pronto.