D-Link is releasing firmware updates for a number of its routers to address vulnerabilities identified by a researcher, Peter Adkins.
The affected products are DIR-626L, DIR-636L, DIR808L, DIR810L, DIR-820L, DIR-826L, DIR-830L and DIR-836L, according to a D-Link security advisory posted on March 2.
The first vulnerability can be exploited to load malicious code without authentication, the second vulnerability can be used to permit command injection without authentication, and the third vulnerability can enable an attack that discloses information about the device's configuration, the advisory indicates.
On top of updating the device firmware as soon as it is made available, D-Link provided a number of recommendations in the advisory, including disabling remote administrative access, checking router device history for unauthorized access, and disabling the D-Link router remote network management feature.
