Security Issues: Critical Update on D-Link Routers

The Taiwanese D-Link Corporation has released several Critical Security Updates for some of its earlier Internet Routers. These Patches are closing some backdoors in the devices that could let attackers catch remote access over unpatched ones.

As D-Link informs on their Security-Support-Page:

"Various media reports have recently been published relating to vulnerabilities in network routers, including D-Link devices. 

These firmware updates address the security vulnerabilities in affected D-Link routers. D-Link will update this continually and we strongly recommend all users to install the relevant updates. 

As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update."

These Updates include the following Prototypes as of 28/11/13:

• DI-524 

Revision E1/E3
The new firmware 5.13b01 that fixes the security vulnerabilities
Download Link
Please note: Unzip the file and use the file DI524Ex_FW513B01.bin to update firmware

• DI-524UP 

Revision A1/A2
The new firmware 1.08b02 that fixes the security vulnerabilities
Download Link
Please note: Unzip the file and use the file DI524UPAx_FW108B02.bix to update firmware

• DIR-100 

Revision A1
The new firmware 1.14b02 that fixes the security vulnerabilities
Download Link
Please note: Unzip the file and use the file DIR100A1_FW114WWB02.bix to update firmware

• DIR-120 

Revision A1
The new firmware 1.05b02 that fixes the security vulnerabilities
Download Link
Please note: Unzip the file and use the file DIR120A1_FW105WWB02.bix to update firmware

As well for:

DI-604S

DI-604UP

DI-604+

TM-G5240

 

BESIDES OTHER (CVE) For D-Link:

• CVE-2013-5997
• CVE-2013-5998

Source: Techgeek

For more detailed Information on that subject and about the Researcher(s) who detected the Vulnerability, please visit: Krebs on Security (Thx to Brian for posting this)