HWZ Forums

Login Register FAQ Mark Forums Read

D-Link router 'backdoor'

Like Tree1Likes
  • 1 Post By PetPet
Share This Page
HardwareZone.com on Facebook
Reply
 
LinkBack Thread Tools
Old 14-10-2013, 01:36 PM   #1
Moderator
 
Join Date: May 2004
Posts: 92,899
D-Link router 'backdoor'

If your browser’s user agent string is “xmlset_roodkcableoj28840ybtide” (no quotes), you can access the web interface without any authentication and view/change the device settings.

Users are advice to flash their routers to third party firmwares alternatives such as OpenWRT/DD-WRT

Source :
Reverse Engineering a D-Link Backdoor - /dev/ttyS0

Likely affected models are

Based on the source code of the HTML pages and some Shodan search results, it can be reasonably concluded that the following D-Link devices are likely affected:

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240

Additionally, several Planex routers also appear to use the same firmware:

BRL-04UR
BRL-04CW
chesterqw likes this.
__________________
oh joy.
We stopped checking for monsters under our beds when we realised they were inside us.
PetPet is offline   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On