Router manufacturer D-Link admitted Friday that some of its routers have a vulnerability that could allow hackers access to a device's administrative settings, but it has issued patches.
According to a Jan. 9 blog post from SourceSec Security Research, some D-Link routers have an insecure implementation of the Home Network Administration Protocol (HNAP), which could allow an unauthorized person to change a router's settings.
SourceSec published a proof-of-concept software tool called HNAP0wn that would enable the hack -- a move that D-Link criticized.
"By publicizing their tool and giving specific instructions, the authors of the report have publicly outlined how the security can be breached, which could have had serious repercussions for our customers," D-Link said in a statement.
pcworldforums.dlinkA list of vulnerable routers are on the above link. If you use a D-Link you should get the available patches for your router.
