Firmware flaw allows hack attack of D-Link routers, other devices

A recently published proof-of-concept exploit illustrates how a certain D-Link router model could be vulnerable to hackers intent in hijacking user traffic.

Todor Doney, a member of Ethical Hacker, a Bulgaria-based security research group, created the exploit, according to report.

Doney said the vulnerability could affect other devices from D-Link as well as routers from other manufacturers.

The exploit demonstrated how a flaw in the DSL-2740R router, a dual function ADSL modem/wireless router from D-Link, allows hackers to alter the device’s domain name system (DNS) settings and lets the attackers hijack user traffic.

Doney said the weakness likely affects devices from other manufacturers as well because it is found in a popular firmware.

The online support site of D-Link said the particular model has been phased out. But although the device is no longer sold, it might still receive support if it is covered by a warranty.

Doney said the vulnerability is in ZynOS, a router firmware made by ZyXEL Communications. Its products are used by many network equipment manufacturers including D-Link, TP-Link and ZTE.

Read the whole story here


Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web