Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerability Found In D-Link Routers

A buffer overflow vulnerability discovered several D-Link wired and wireless routers could allow attackers to execute arbitrary code and potentially compromise entire networks.

eEye Digital Security, an Aliso Viejo, Calif.-based security firm, issued an advisory on the vulnerability Monday. The company had notified D-Link about the flaw in February.

The vulnerability affects the Local Area Network (LAN) interface of several of D-Link's consumer-grade routers, and a company spokesperson said the Fountain Valley, Calif.-based networking vendor has released patches for download on its Web site.

Mike Puterbaugh, vice president of marketing at eEye, said the vulnerability is serious given the widespread use of D-Link routers in small-business and home networks. "The footprint of D-Link's install base is significant, and this could have potentially turned into a big issue," he said.

eEye rated the severity of the flaw as "high." Danish security firm Secunia rated the vulnerability "moderately critical", and Symantec gave the flaw a "10," its highest severity rating.

  • 1