D-Link offers firmware upgrade for vulnerable routers

Posted on Tuesday, January 19 2010 @ 15:31 CET by Thomas De Maesschalck
D-Link has issued firmware upgrades for some of its routers, the update resolves a vulnerability that could allow hackers to change the device's administrative settings.
According to a Jan. 9 blog post from SourceSec Security Research, some D-Link routers have an insecure implementation of the Home Network Administration Protocol (HNAP), which could allow an unauthorized person to change a router's settings.

SourceSec published a proof-of-concept software tool called HNAP0wn that would enable the hack -- a move that D-Link criticized.
The company says the following models are affected:
  • DIR-855 (version A2)
  • DIR-655 (versions A1 to A4)
  • DIR-635 (version B)
  • DIR-615 (versions B1, B2 and B3)
  • DIR-635 (version A)
  • DI-634M (version B1)

  • About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

    Loading Comments