If you have a D-Link wireless router at home, do take note. Several D-Link routers from the DIR-800 series including a model that’s commonly bundled by TM UniFi and Time Broadband were found to have a security vulnerability. The issue was made known by Singapore’s Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) in a joint advisory.
Below are the affected D-Link routers:
D-Link DIR-850L:
D-Link DIR-885L:
D-Link DIR-890L:
D-Link DIR-895:
If you’re using one of the above models, these routers can be compromised to install malicious firmware and this puts your information at risk. Once exploited, hackers can take control of your router without having to know your username and password. You can learn more about this vulnerability over here.
The folks at D-Link are aware of the problem. They are promising a fix to be ready by this Friday, 22 September through as firmware update.
As a security measure, D-link highly recommends that you take the following action in the time being:
1. Reset your router to its default factory setting (Do this if you have a copy of your TM UniFi/TIME broadband username/password at hand)
2. Disable the WAN remote admin feature
3. Do not access the router through unauthorised WiFi
4. Change the wireless SSD password and PIN code to prevent unauthorised users from accessing the LAN
5. Change the device’s administrator password. Use a strong new password.