Security researcher Michael Messner (Michael Messner) has encountered a critical vulnerability in the wireless router of D-Link (model DIR-600 and DIR-300). Data can be breached by malicious people to compromise a vulnerable system.
Fears of an expert is that on successful exploitation potential attacker does not have to go through the authentication process.
As found by Messner , the vulnerability is caused due to lack of access restrictions, as well as input validation error in the parameter cmd in the original firmware (version 2.14b01 and before).
At the time of publication of news designers at D-Link have not released a security patch. At the same time, cases of exploitation of vulnerabilities by malware have been recorded.
Recall that recently, researchers from the company Rapid7 discovered a vulnerability in the network standard Universal Plug and Play (UPnP), used by routers and other network equipment. According to them, one of the affected products included about 40-50 million units, including D-Link.