1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do you have D-Link router ? If so, stop using it - You're not safe

Discussion in 'Off Topic' started by Adam Howard, Oct 19, 2013.

  1. Adam Howard

    Adam Howard Well-Known Member

    The Web interface for some D-Link routers could be accessed if a browser's user agent string is set to xmlset_roodkcableoj28840ybtide

    Curiously, if the second half of the user agent string is reversed and the number is removed, it reads "edit by joel backdoor," suggesting it was intentionally placed there.

    The affected models likely include D-Link's DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240 and possibly the DIR-615. The same firmware is also used in the BRL-04UR and BRL-04CW routers

    Personally, I would recommend a TP-Link Router (reff link) as a replacement. That's basically what I use.
    Last edited: Oct 19, 2013
    Liam W and Shelley like this.
  2. Adam Howard

    Adam Howard Well-Known Member

    Got a Linksys router and think you're safe? :cautious:
    Even changed the default user name and password? :cautious:
    Or perhaps you turned off remote sign-in in order to be safer? :cautious:

    Feeling safe? :sneaky:

    Type in or even (better) your remote IP address (the one your ISP has assigned you), since that is what anyone else would use to reach you..... (whatismyip.com)

    user name:
    password: admin


    user name: root
    password: root

    Your user name and password doesn't mean anything. Depending on your model, you just logged in as root, by passing whatever user name and password you had before (and on some models even if you had remote log-in turned off).
    Liam W likes this.
  3. =MGN=RedEagle

    =MGN=RedEagle Well-Known Member

    *Faints* :eek:
    Adam Howard and SneakyDave like this.
  4. Shelley

    Shelley Well-Known Member

    I'm going to join you. *swoons*

    *Adds Lens flaring 256+ for authenticity purposes and/or stamp of disapproval* Untitled-2.png
  5. Liam W

    Liam W Well-Known Member

    What, no NETGEAR backdoors? Drat ;)
    0xym0r0n likes this.
  6. infis

    infis Well-Known Member

    Use Mikrotik routers. These are very advanced routers with convenient management. And about D-Link forget: it is a lot of bugs, badly are set up, overheat, poor performance.
  7. SneakyDave

    SneakyDave Well-Known Member

    FUD, from December 2012. :rolleyes:
    Brandon Sheley likes this.
  8. Adam Howard

    Adam Howard Well-Known Member

    Got Netgear and feeling safe? :cautious:


    ^ Some Netgrear are also affected by the root exploit. :eek: But this one isn't as clear cut as Linksys. :confused: You could have two of the same kind of routers (model and firmware) & maybe only 1 of them (or both); could be breached remotely using root.

    This suggest that it maybe a chip set difference. Because at one time Netgear was in the middle of changing where those were manufactured.

    So try it and play Russian Roulette.... Feeling lucky? :cautious:

    I still recommend TP-Link Routers. Nothing found in them thus far.
    Last edited: Oct 19, 2013
  9. SneakyDave

    SneakyDave Well-Known Member

    I have Netgear, its great, but not Netgreat.

    that Amazon link looks like it has an affiliate link in it.
  10. Adam Howard

    Adam Howard Well-Known Member

    I'd like to blame auto correct on that one, but nope, totally me. I had a friend once who kept calling them that to be silly. And from time to time, when I'm typing away fast.... I end up doing it.

    Thanks for the heads up. Fixed it. :)
  11. SneakyDave

    SneakyDave Well-Known Member

    But you didn't fix your affiliate link?
  12. Adam Howard

    Adam Howard Well-Known Member

    Just copied and pasted the Amazon share link for twitter. o_O
    Don't think it's a reff link, but did update it to note it as such.
  13. EQnoble

    EQnoble Well-Known Member

    not so much a back door...but can still be a problem...

    SneakyDave likes this.
  14. Jaxel

    Jaxel Well-Known Member

    I use Linksys... USED TO LOVE THEM...

    Now I hate them... all because of this ****ty Cisco Cloud Connect firmware.
    Adam Howard and EQnoble like this.
  15. EQnoble

    EQnoble Well-Known Member

    I won't go so far as to say I hate them...but yeah there is no reason they need firmware updates that let them track my browsing history at the gateway to my home network
  16. mistypants

    mistypants Well-Known Member

    If you really want to secure your router, hide the SSID, implement a MAC Address filter, use WPA2, and disallow logins to the admin interface through wifi. Most home routers should have those features and they're pretty easy to set up.
  17. EQnoble

    EQnoble Well-Known Member

    Not broadcasting the ssid does nothing really unless you are talking about the cases where people don't change the default password and someone is being a nosey pest as someone who knows what they are doing is going to see your bssid, the channel you use and eventually your essid no matter what you do...and then to a slightly skilled person the MAC filter is useless as well as a couple of pings, a handshake or two and someone can just borrow a whilelisted MAC addy already on your network and then gain access using your passphrase or key which they can get in plain text with relative ease if they have already done any of this.

    Either way, even if someone doesn't do any of that...if your router has a vulnerability such as accepting random requests for plain text config files it doesn't really matter what settings you set.

    The odd thing is when someones network gets hacked...it is highly probable that the only reason that they were able to gain access to the wireless network in the first place is because the router was communicating with client over air.

    Wireless networks are weak sauce in general.
    Adam Howard likes this.
  18. Digital Doctor

    Digital Doctor Well-Known Member


    Neither of those passwords works for my Linksys Router.
    Adam Howard likes this.
  19. EQnoble

    EQnoble Well-Known Member

    SneakyDave and Adam Howard like this.
  20. Adam Howard

    Adam Howard Well-Known Member

    Then you're lucky not to have one of the affected models. :)

    edit: Wait.... Is that the wifi screen? Cause if it is, I never said it was via wifi. This exploit would be via lan or internet

Share This Page