Router manufacturer D-Link Corp. admitted that some of its routers have a vulnerability that could allow hackers access to a device’s administrative settings. The Taipei, Taiwan-based form said that it has issued patches to fix the flaws.
According to a Jan. 9 blog post from SourceSec Security Research, some D-Link routers have an insecure implementation of the Home Network Administration Protocol (HNAP), which could allow an unauthorized person to change a router’s settings.
D-Link said the models affected are the DIR-855 (version A2), DIR-655 (versions A1 to A4) and DIR-635 (version B). Three discontinued models — DIR-615 (versions B1, B2 and B3), DIR-635 (version A) and DI-634M (version B1) — are also affected.
The company said new firmware updates are being made available across its Web sites.