D-Link Apologises For Router Security

An issue which affected D-Link’s routers is in the process of being patched, says the company.

It emerged last week that D-Link’s DIR-890L router suffers from a bug in its implementation of Home Network Administration Protocol that allowed authorisation to be bypassed. To make matters worse, according to analysis of the underlying code, a fix that purportedly resolved the issue may have left it dangling just as wide open.

D-Link has issued an official statement on the issue stating that it “is deeply apologetic to any users affected by this issue”.

D-Link has identified 17 different products that may be affected by the HNAP bug, stating that it is in the process of developing firmware updates to fix each and every one. A patch for the DIR-890L is already available, as is the DIR-880L. On the 21/4, D-Link expects to have firmware ready for the DIR-816L(A1), DIR-817LW(B1) and DIR-818LW(A1), while the 24th should see the remaining products — the DAP-1522(B1), DIR-860L(B1), DIR-629(A1), DIR-815(B1), DIR-860L(A1), DIR-865L(A1), DIR-868L(A1), DIR-820LW(B1), DIR-850L(A1), DIR-850L(B1), DIR-300(B1) and DIR-600(B1) — all patched.

In the meantime, D-Link’s recommendation is that “affected users are heavily encouraged to change their administrator passwords immediately to a strong password which includes a mix of numbers, letters, and symbols, as a further preventative measure against malicious network intrusions”.


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments


One response to “D-Link Apologises For Router Security”