Security researcher reveals multiple Web-based security vulnerabilities in the D-Link 2760N. November 11, 2013 12:54 PM PST A new spate of vulnerabilities have been found in a D-Link router, a security researcher said on Monday. The D-Link 2760N, also known as the D-Link DSL-2760U-BN, are susceptible to several cross-site scripting (XSS) bugs through its Web interface, reported ThreatPost. Related stories: Verizon Wireless nudges into home phone, broadband biz Get an Apple AirPort Extreme Base Station router for $74.99 XCom hot spot plans now available for U.S. travelers Wi-Fi routers: More security risks than ever Sprint to offer three new tri-band hot spots on July 19 The researcher who discovered the bugs, Liad Mizrachi, said that he notified D-Link about the bugs in August, September, and October, but D-Link did not respond. The report follows a more serious backdoor bug found in the following D-Link routers: DIR-100, DIR-120, DI-524UP, DI-604S, DI-604UP, DI-604+, DI-624S, and the TM-G5240. D-Link told ThreatPost in October that it is working on a patch to the backdoor bug. Jacob Holcomb, a security researcher who uncovered widespread vulnerabilities in popular routers earlier this year, told CNET that he wasn't surprised by the backdoor bug, and wished that manufacturers would do more to fix security problems when found in embedded devices such as cameras and routers. "Code written for these devices continues to provide inadequate security for today's digital society, and manufactures should be held accountable for the implementation of code that intentionally circumvents security," he said. D-Link did not immediately respond to a request for comment. CNET will update this story when we hear back from them.
Security researcher reveals multiple Web-based security vulnerabilities in the D-Link 2760N.
A new spate of vulnerabilities have been found in a D-Link router, a security researcher said on Monday.
The D-Link 2760N, also known as the D-Link DSL-2760U-BN, are susceptible to several cross-site scripting (XSS) bugs through its Web interface, reported ThreatPost.
Related stories:
- Verizon Wireless nudges into home phone, broadband biz
- Get an Apple AirPort Extreme Base Station router for $74.99
- XCom hot spot plans now available for U.S. travelers
- Wi-Fi routers: More security risks than ever
- Sprint to offer three new tri-band hot spots on July 19
The researcher who discovered the bugs, Liad Mizrachi, said that he notified D-Link about the bugs in August, September, and October, but D-Link did not respond.
The report follows a more serious backdoor bug found in the following D-Link routers: DIR-100, DIR-120, DI-524UP, DI-604S, DI-604UP, DI-604+, DI-624S, and the TM-G5240. D-Link told ThreatPost in October that it is working on a patch to the backdoor bug.
Jacob Holcomb, a security researcher who uncovered widespread vulnerabilities in popular routers earlier this year, told CNET that he wasn't surprised by the backdoor bug, and wished that manufacturers would do more to fix security problems when found in embedded devices such as cameras and routers.
"Code written for these devices continues to provide inadequate security for today's digital society, and manufactures should be held accountable for the implementation of code that intentionally circumvents security," he said.
D-Link did not immediately respond to a request for comment. CNET will update this story when we hear back from them.
