Unauthorized Access Backdoor found in D-Link

Unauthorized Access Backdoor found in D: A number of D-Link routers reportedly have an issue that makes them susceptible to unauthorized backdoor access.

The researcher Craig, specialized on the embedded device hacking – demonstrated the presence of a backdoor within some DLink routers that allows an attacker to access the administration web interface of network devices without any authentication and view/change its settings.

[..]

Analyzing the parameters passed to the function the researcher was able to reconstruct the authentication flow, the function parses the requested URL and check if it contains the strings “graphic/” or “public/”. “graphic/” or “public/” are sub-directories under the device’s web directory, if the requested URL contains one of them the request is passed without authentication.

Another intriguing detail has been found by Craig that by changing the user-agent in a web browser to “xmlset_roodkcableoj28840ybtide,” a user could bypass the security on the device and get online or control the higher functions of the router.