Hackers May Redirect Your Internet Traffic through D-Link Router Bugs

Several vulnerabilities in the DIR-600 and DIR-300 routers of network solutions company D-Link may allow hackers to redirect Internet traffic and compromise users` devices, according to German security researcher Michael Messner. The holes are supported by the lack of password hashing and root passwords being saved in plain text.

The Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to easily change a password through malicious software, as there is no request for the password. The OS Command Injection vulnerability allows hackers to compromise users` devices.

“The vulnerability is caused by missing access restrictions and missing input validation in the cmd parameter and can be exploited to inject and execute arbitrary shell commands,” Messner said in a blog post. “It is possible to start a telnetd to compromise the device.”

The H-Online also ran tests and discovered many of the devices can even be accessed from the Internet and managed to inject a harmless command into such a router. “A real attacker could randomly exploit systems, for example to divert a router’s entire internet traffic to a third-party server.”

According to Messner, D-Link said the issues are browser-related and they will not provide a fix. The security expert informed the company in December of last year.