A recent Naked Security post reports that D-Link’s DSL-2740R modem/router is vulnerable to DNS hijacking and traffic rerouting. According to the post, the vulnerability lies in the ZynOS firmware used by the device. ZynOS is a proprietary operating system made by ZyXEL.
The flaw apparently allows an attacker to access the device’s web interface without the need for authentication.
If an administration panel is exposed to the internet – and we strongly recommend that you don’t do this! – then outsiders may be able to access and reconfigure your device’s DNS setting from afar.
The author suggests that the popularity of ZynOS means that other D-Link devices might be vulnerable too, as well as devices manufactured by TP-Link, ZTE and of course, I might add, ZyXEL.
ComputerWorld, reporting on the same vulnerability, suggests that the flaw could be exploited by CSRF attacks, even if the device’s configuration panel is only accessible from the LAN.
DSL-2740R is a wireless ADSL2+ modem router that is not in production anymore; the latest firmware available on D-Link’s website is version 1.01b02, released almost two years ago, on 22-Feb-2013, for revision B devices.
You can find the Naked Security post here.
If you have any questions or if you spotted any errors or omissions, please leave me a comment.