VulnCheck cybersecurity researchers have found a new exploit that targets older, end-of-life D-Link routers in order to hijack them. Routers are often vulnerable to attacks because they are often not properly secured, are used when they are outdated and don’t receive frequent firmware updates.
In this instance, the software on the older D-Link routers cannot properly sanitize user input, which allows hackers to send specifically crafted requests to the router without needing any authentication. This means that attackers can inject and execute arbitrary shell commands remotely and hijack the hardware itself.
This vulnerability has actually been seen exploited actively since last November, and VulnCheck researchers have said it begins in the dnsfg.cgi library. The affected endpoint is tied to DNS modification behavior; a technique that has been used in the past allows the attackers to redirect user traffic. That means they can redirect the victim to malicious sites, or cause other malicious behavior.
As it’s related to DNSCharger, the vulnerability is thought to be related to attacks in 2016 and 2019 called GhostDNS attacks, which targeted firmware variants of DSL gateway models. Those attacks mostly occurred in Brazil and affected multiple vendors, including D-Link. They were intended to commit data theft against the targets.
How to keep your router secure
If you own an outdated router, you should replace it right away with one of the best Wi-Fi routers, as it will receive software updates and patches from the manufacturer. Security aside, you're getting a significantly worse online experience when you use an outdated router, including slow internet speeds and difficulties handling multiple connected devices.
You should always apply all available security patches and firmware updates to your router as soon as possible. You should also make sure that you're using a strong and unique password with at least 16 characters. To make things easier, you should use one of the best password managers to generate and securely store it. Additionally, you can disable remote administration and reboot the device.
It’s also a good idea to make sure that you’re using one of the best antivirus software programs – these offer additional features like a VPN that can protect you when you’re online. If you suspect that your router has been compromised, you can contact the FBI’s IC3 (Internet Crime Complaint Center) at ic3.gov to file a complaint.
If you want the latest Wi-Fi, one of the best Wi-Fi 7 routers will provide you with the best experience possible. However, if you don't mind not having access to the faster 6GHz band, one of the best Wi-Fi 6 routers will still be a major upgrade.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
