D-Link’s Router Security May Be Horribly Flawed

Keeping your router secure is a fairly basic bit of networking sense, but it doesn’t help if the firmware updates on your router apparently don’t fix the very bugs they’re meant to squash.

That may be the case with D-Link’s DIR-890L, which, as per HackADay, may contain a bug in the firmware around the Home Network Administration Protocol that allowed authentication to be bypassed. To make matters worse, it’s a relatively simple string error that could be addressed.

To complicate matters, it’s a repetition of a bug that hit an earlier D-Link router that was patched, and a patch for the bug in the DIR-890L was issued. Upon analysis, it appears that the new fix for the old bug doesn’t actually correct the original error at all.

Or in other words, ouch. Hopefully D-Link will sort out a robust fix rather quickly, because as it stands there’s not much the end user can do in this case.

D-Link Fails At Strings [HackADay]


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments


One response to “D-Link’s Router Security May Be Horribly Flawed”