Backdoor Account Found in D-Link DIR-620 Routers

Discovered by Kaspersky Lab researchers, this backdoor grants an attacker access to the device’s web panel, and there’s no way in which device owners can disable this secret account. To prevent abuse, Kaspersky researchers have refrained from disclosing the backdoor’s account username and password. The backdoor account (CVE-2018-6213) is just one of four vulnerabilities Kaspersky researchers found in the firmware of these devices following a recent security audit.

The other three flaws include: Shodan searches for these devices reveal less than 100 DIR-620 routers available online, showing that most ISPs have headed Kaspersky’s warnings and restricted access to these devices on their networks. Kaspersky experts said they’ve also contacted D-Link about the discovered issues, but the company said it did not intend to issue new firmware updates for such an older model unless one of the ISPs it has as an enterprise customer specifically request a security update for these devices.

Source: bleepingcomputer.com