D-Link patches critical router flaws

Router manufacturer D-Link has announced that it will patch critical remote access flaws found in several models of its router product line. Among the affected devices are: DIR-626L, DIR-636L, DIR-808L, DIR-810L, DIR-820L, DIR-826L, DIR-830L and DIR-836L. The company is expected to release firmware updates for those models later this week.

"First vulnerability reportedly relates to a malicious user who might be connected to the LAN-side of the device to use the devices upload utility to load malicious code without authentication. A second vulnerability reportedly relates to the device's ping utility that might permit command injection without authentication. A third vulnerability reportedly may exploit certain chipset utilities in firmware to potentially permit a malicious user an attack disclosing information about the devices configuration," D-Link noted in a security advisory released on Monday.

Until the patches are released, users can protect themselves from attacks by checking the router's history for unauthorized access, encrypt Wi-Fi connections, and check regularly for firmware updates.

According to the company, some attacks can be blocked by disabling the remote management feature that can provide access to a router's settings. By default, the capability is turned off.

Read more -here-

• The US government is taking a 10 percent stake in Intel
• Google is selling a version of Gemini for government agencies
• PayPal breach exposed nearly 16M login credentials, hackers claim
• Apple is reportedly manufacturing all four iPhone 17 models in India
• AT&T customers could get thousands in $177M settlement
• US government is reportedly in discussions to take stake in Intel