home    meetings         links     contact

News

D-Link admits home routers vulnerable to hackers

Router manufacturer D-Link admitted that some of its routers have a vulnerability that could allow hackers access to a device's administrative settings, but it has issued patches.

According to a blog post from SourceSec Security Research, some D-Link routers have an insecure implementation of the Home Network Administration Protocol (HNAP), which could allow an unauthorised person to change a router's settings.

D-Link said it only appeared possible to hack the routers using the software tool and not just with standalone code.

D-Link and SourceSec differed over which models were vulnerable. SourceSec wrote that it suspected that all D-Link routers made since 2006 with HNAP support were affected, but they said they had not tested all of them.

D-Link said the models affected are the DIR-855 (version A2), DIR-655 (versions A1 to A4) and DIR-635 (version B). Three discontinued models, DIR-615 (versions B1, B2 and B3), DIR-635 (version A) and DI-634M (version B1), are also affected.

Member Related Links