New Vulnerabilities Found in D-Link Routers

November 12, 2013 | By Kevin Judge
A router can be a gateway to the wonders of the internet. Unfortunately, it can also be a doorway through which hackers can invade your computer.Cross Site Scripting (XSS) vulnerabilities have been found in in the web interface for a D-Link router this week, model number D-Link2760N, according to security researcher Liad Mizrach. These vulnerabilities can be exploited by an attacker to compromise a vulnerable device.

The manufacturer is working on a patch to fix this bug and once they do so, it will automatically be rolled out in the next update. Users of the router will need to download the fix as soon as it is available to be safe.

Cross-site scripting (XSS) enables attackers to inject a client-side script into a targeted web page. Such scripts can rewrite the page content and access cookies, session tokens and other client information. They can be used to bypass access controls such as the same origin policy, which limits the ability of a page to execute a script that is located on another domain.This isn’t the first router vulnerability issue D-Link has had to deal with. In October, researcher Jacob Holcomb even more serious vulnerabilities that could be used to create a backdoor to access several other models of D-Link routers and cameras. Holcomb revealed that codes written for these devices are not as strong as they should.

Because of this lack of attention to detail, manufacturers often leave back doors open for attackers to introduce trojan viruses and other malware. This puts the consumer at risk and at times, the entire network which relies on a camera or router could be compromised.

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>