More vulnerabilities have been discovered in a D-Link router, leaving the
device vulnerable to attacks via its web interface – only weeks after
the discovery of a “backdoor” in other D-Link devices.
Security researcher Liad Mizrachi said he notified the
company of the bugs on several occasions, but D-Link failed to respond,
according to Threatpost. The D-Link 2760N – also known as the D-Link DSL-2760U-BN – is susceptible to several cross-site scripting bugs.
Details of Mizrachi’s findings can be found here.
The report follows the discovery of a serious “backdoor” vulnerability in various D-Link models, reported by We Live Security here.
Craig Heffner, a security researcher, and former employee of the
National Security Administration, claimed that the backdoor appears to
have been placed deliberately – and could allow attackers access to
unencrypted data, saying, “You can access the web interface without any
authentication and view/change the device settings.”
The code which could allow access was found on a Russian cybercrime forum, according to Heffner.
D-Link has since issued patches
for affected routers, saying, “We are proactively working with the
sources of these reports as well as continuing to review across the
complete product line to ensure that the vulnerabilities discovered are
addressed.”
D-Link is one of the largest manufacturers of networking
equipment on Earth, sold under its own brand. The company describes
itself as “the global leader in total products shipped for consumer
networking connectivity.”
CNET spoke to Jacob Holcomb, who discovered widespread vulnerabilities in
popular routers earlier this year, and who said, “Code written for these
devices continues to provide inadequate security for today’s digital
society, and manufacturers should be held accountable for the
implementation of code that intentionally circumvents security.”
In October, Heffner found vulnerabilities in routers from
Tenda – which contain a hidden “backdoor” which could allow attackers to
“take over” the router and send it commands, as reported by We Live Security here. The Chinese manufacturer also sells routers branded as Medialink, and the machines are available around the world.
Heffner says that he made “short work” of cracking the
routers, and that all an attacker needs to do is send a “magic string”
to execute commands.