D-Link Routers Seriously Flawed

Pierre Kim, a researcher who found a slew of vulnerabilities in D-Link’s DWR-932B, said it is so broken that anyone who owns one should toss it in the trash.

Kim said that he found so many vulnerabilities that would allow a hacker to use the device as a spamming zombie or a man-in-the-middle tool.

“I advise users to trash their routers because it’s trivial for an attacker to use this router as an attack vector,” Kim said.

Kim said he found at least 20 flaws in the routers that included a backdoor, backdoor accounts, and a default Wi-Fi Protected Setup PIN, to name a few of them.

D-Link made this statement:

“D-Link has been investigating this issue since it was reported and is addressing all reported vulnerabilities. Please note the DWR-932B is not sold in the U.S., and as this is a discontinued product, we ask customers to contact their local D-Link customer service and D-Link will exchange it for a different router. D-Link engineers are providing ongoing updates, and customers are advised to check with their local region for the latest information.”

Source: Threat Post