Skip to main content
Customer Support Customer Support

DNS hijacking flaw affects D-Link DSL router, possibly other devices

  • January 27, 2015
  • 1 reply
  • 261 views
Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

A vulnerability in ZynOS could spell trouble for users of routers from D-Link, TP-Link, ZTE and other manufacturers

 
Jan 27, 2015 
By Lucian Constantin
 
A vulnerability found in a DSL router model from D-Link allows remote hackers to change its DNS (Domain Name System) settings and hijack users' traffic. The issue might also affect other devices because it is located in a popular firmware used by different manufacturers, according to a security researcher.
 
A proof-of-concept exploit was published Tuesday for the D-Link DSL-2740R model, a dual-function ADSL modem/wireless router device, which according to the D-Link support site has been phased out. This means the device is no longer being sold, but might still receive support if covered by warranty.
 
Full Article
 
    Ssherjj
    1 person likes this
    • Ssherjj
      Ssherjj

    1 reply

    Jasper_The_Rasper
    Moderator
    Forum|alt.badge.img+54
    by Lee Munson on February 4, 2015
     
     


     
    D-Link's DSL-2740R router is susceptible to traffic rerouting and DNS hijacking, according to Bulgarian security researcher Todor Denev.
    Unfortunately, Denev went public with his discovery before alerting D-Link or any other potentially affected manufacturer, in what could be argued to be an irresponsible form of disclosure.
    The DSL-2740R is no longer a member of D-Link's current line-up but is still supported.
    At the time of writing, the product's support page - perhaps unsurprisingly thanks to a lack of prior contact with Donev - makes no mention of the alleged vulnerability and the only security related information attached to the device comes via a FAQ which merely states which wireless security standards the product supports.
     
    Full Article
    Ssherjj
    1 person likes this
    • Ssherjj
      Ssherjj

    Reply


    Terms & Conditions