D-Link router backdoor has been discovered by the Kaspersky Lab that can give the Hackers easy access to the user’s D-Link routers. The Security experts from the renowned Kaspersky Lab have discovered a backdoor account and various other major vulnerabilities with the D-Link routers. The Kaspersky researchers have uncovered a backdoor account in the firmwares of the D-Link routers. This backdoor vulnerability can be easily exploited by the attackers to access the routers’ web interface and gain access to the user’s sensitive data without their knowledge. The researchers from the Kaspersky Lab have found four very dangerous flaws that can leave the user and their D-Link router vulnerable. The bad news for D-Link users is that neither D-Link nor the users can disable the backdoor account. The only way to attenuate the issues is to avoid exposing the admin panel online through unsecured websites.

Where is the issue?
The firmware of the D-Link routers have hardcoded default credentials that can be exploited by any hacker or a tech savvy person who is just a little too curious to gain privileged access to the firmware of the D-Link routers and to extract any sensitive data that they wish. The firmware of the router is the operating software that orchestrates the hardware of the device that it is installed on. Basically, the firmware of the router is the software that runs the hardware on the router. All the sensitive data of the user flows through the router such as the emails and passwords, the private information of the user, their banking details when they buy something online and more. Every bit of other detail related to the user also flows through the router. If an unauthorized person got the access to the firmware of the D-Link routers, the said person can choose to extract any username and password in plain text of the user. The attacker will be able to run any arbitrary JavaScript code and run arbitrary commands in the router’s Operating System (OS).

What are the issues?
The D-Link DIR-620 vulnerabilities discovered by the Kaspersky Lab researchers claim mainly four Common Vulnerabilities and Exposures (CVE) ratings where the four different issues range from 6.1 to 10 on a scale ranging from 0 to 10. All four issues are very serious but two of these issues are, in particular, to be beware of. The bad news is that the backdoor accounts cannot be disabled either by the user or by D-Link. The only way the user can secure their network is to follow all the security guidelines, configure their router for better security and avoid using any unsecure websites.

Here are the four main issues the Kaspersky Lab found regarding the D-Link routers:

  • First is a reflected cross site scripting (XSS) vulnerability in the firmware of the router. The XSS attack can be caused due to a missed filtration for special characters in the Quick Search field of the router and incorrect processing of the XMLHttp Request object.
  • The second vulnerability includes privileged credentials hard coded in the firmware of the D-Link router. The attacker who has attacked the user’s D-Link router will not have administrator rights but would still be a “privileged user”. This easily makes the attacker able to extract any sensitive data of the user.
  • The third vulnerability is far more serious than the previous two, which earned a 9.1 on the CVE scale out of a 10. The Kaspersky Lab mentioned “An OS command injection vulnerability is possible as a result of incorrect processing of the user’s input data in the following parameter: /index.cgi?<…>&res_buf.”
  • The fourth vulnerability is related directly to the third one, and it is the one that earned a total of 10 on the CVE scale. With the help of the command injection mentioned in the third vulnerability, an unauthorized attacker can extract Telnet credentials for the router that are also hard coded in the firmware of the D-Link router.

How to Fix your D-Link router regarding the backdoor vulnerabilities? [Solved]

The Kaspersky Lab reached out to D-Link and told them about all the vulnerabilities, they were told that there was nothing to be done. They said that the model of the routers and the firmware associated with the routers are no longer supported by the vendor, so the vendor cannot do anything except provide patches.
So, if you have a D-Link router you are basically left with severe backdoor vulnerabilities that pose a huge potential threat to the user’s sensitive and private data.

If the user has a D-Link DIR-620 router that means that the user has been left with a huge backdoor vulnerability and no expectation for a coming issue fix. Kaspersky has given out some very good advice for securing your router and your network and it’s a very few simple things that the user can do in a couple of steps that any wireless router user can benefit from. Here are the steps:

  • The user can restrict the access to a list of pre-approved IP addresses. This way, any unauthorized attackers who are attempting to connect to the user’s network will simply fail to do so.
  • The Kaspersky Lab has also asked all the users to block all access to the Telnet.
  • The third thing that they have recommended to the users is to constantly change the username and password of their network to further secure their network.

It might take a lot from the user’s end to configure their router for better security if they do not have a firm grasp at how the D-Link routers work. But it can still be done and the user can still secure their router and protect their sensitive data from unauthorized attackers by taking some precautionary steps towards a better and more secure network. The user can setup and login to their router again and change the default username and password for better security and update their firmware as well.

Here, we will show you the troubleshooting steps to configure the D-Link DIR-620 router for better security.

Here are the steps to setup and login to the D-Link DIR-620 wireless router:

  1. Unplug all the connections on your modem and router.
  2. Connect the Ethernet cable from any of the LAN ports of the router to the desktop computer that you want to use to set up the router.
  3. Now, connect the modem to the WAN port of the router.
  4. Connect the router with a wall socket and turn it on.
  5. Power on the modem, the router and the computer.
  6. Now, open up any web browser of your choice on the desktop computer and type http://dlinkrouter.local in the address bar and press enter. This will automatically take you to the setup wizard page in the browser.
    If by some chance, the browser doesn’t automatically takes you to the setup wizard page after typing http://dlinkrouter.local in the address bar, you can alternatively type the default IP address of your router in the address bar. The default IP address of the D Link routers is 192.168.0.1.
  7. When the setup wizard page displays, it will guide you through a step by step process to configure and set up your D Link router and help you connect to the internet. Click Next to continue.
    This wizard will appear while setting up the router for the very first time. If you have configured the router before, you will have to reset your router in order to go through the setup wizard again.  
  8. Now, the router will scan for the type of internet connection that you have. It successfully scans and skips the setup itself, but in some case if it doesn’t, you will be prompted to select the type of internet connection that you have.
  9. From the given options, select the DHCP connection (Dynamic IP). For all the wired connections, the connection type is always Dynamic IP. After selecting the DHCP connection type, click Next.
  10. Now, you will see a Wireless Settings page. You will be asked to put in a new wireless network name and password. This is very important as it will help secure your network. Enter the desired Network name and passphrase in the respective fields. Click Next.
    Note down the username and passphrase for your wireless network so that the passphrase isn’t lost or forgotten. If it is lost or forgotten, a factory reset will be required.
  11. Now, the setup wizard will again ask you for a password. This is the password for the router configuration page in case you want to log in to the configuration page. Click Next.
    This is not your wireless passphrase.
  12. Now, the setup wizard will ask you to set your time zone. After setting the time zone, click Next.
  13. A summary of all your router settings will be displayed. Click Save to save the settings.
  14. The router will now start to reboot in order to save the settings.
    Do not interrupt the reboot process as it may corrupt the router and even render it useless.

Now, the user will have setup and logged in to their network securely. The user can start using their network as they please.

How to update the firmware of the D-Link DIR-620 router:

  1. Open any web browser of your choice and go to the D-Link’s Support Website. The support website for D Link routers is www.support.dlink.com or you can opt for your local D Link support website. Download the latest firmware for your router’s model.
  2. Once you have downloaded the latest firmware, open the web browser and type http://dlinkrouter.local or 192.168.0.1 in the address bar.
  3. The login window will ask you for the username and password. Type in the default username and password.
    The default username is “Admin” and leave the password field blank. Click Login.
  4. Now, a new window will display. Click on the Tools tab on the top and then click on the Firmware tab on the left side of the window. Under Firmware Upgrade, click on the Browse button and select the file that you previously downloaded.
  5. Click Upload to upgrade the firmware to the latest firmware. It will take a couple of minutes to upgrade the firmware. Click Continue.
    It is advised not to unplug or switch off or otherwise disturb the router while the firmware is being upgraded.

Now, the firmware of the D-Link Dir-620 wireless router will have been updated. The user can start using their internet once the firmware has been successfully updated.

Warning: Do not interrupt the firmware update process anyhow or turn off the router during the update as it can severely damage the router and might even render it completely useless.

D-Link blog –

D-Link is widely known for providing networking hardware to the users. They provide reliable networking hardware such as routers, adapters, extenders and more. Their routers are very reliable and contain a user friendly interface. The user can gain access to the advanced features of the router to better customize their network more suitable to their needs. The D-Link routers require the users to login to them so that the user’s network is secure and so that the user can configure their network more suitable to their needs. The login process is very easy and only takes a couple of minutes of the user’s time. The user can simple go to http://dlinkrouter or type in the default IP address specific to their router. The default IP address is 192.168.0.1 for most of the D-Link routers. With this, the user can login to their D-Link routers and further customize their network suitable to their needs.

After successfully logging in to the router, the user can gain access to the advanced features of the router. Some of the advanced features of the router are:

  • Guest Networks
  • Parental Controls
  • Media Prioritization
  • Network Map and a lot more.

The user can further customize, control, configure, monitor and even repair their network using the web based interface.

Here we will show you the troubleshooting steps to setup and login to the D-Link routers:

  1. Connect the modem to the WAN port located at the back of the router using an Ethernet able.
  2. Now, connect the desktop computer or laptop to any of the four internet ports of the router using another Ethernet cable.
  3. Make sure all the connections are made properly.
  4. Open any internet browser on the same device that is connected to the D-Link router. Type 192.168.0.1 in the address bar. This is the default IP address for most of the D-Link routers. Alternatively, the user can also login using http://dlinkrouter as well.
  5. Enter the default information when prompted. If the user is logging in for the first time, then the user will have to setup a new username and password to make their network secure.
  6. The Quick Setup page will appear. The user can further configure their network using the simple on screen instructions provided in the quick setup page.

Now, the user will have logged in to their D-Link router. From here, the user can further configure, control, customize, monitor and even repair their network with the help of the advanced features. The user can also update the firmware of their router. The firmware update fixes any bugs with the router or resolves any previously faced issues. The new firmware might also bring in some new features for the router as well as provide enhanced overall speed boosts.

error: Content is protected !!