D-Link routers contain backdoors

The United States Computer Emergency Readiness Team (US-CERT) is reporting that firmware for various D-Link routers contains a backdoor that allows unauthenticated remote users to bypass the routers’ password authentication mechanism. An unauthenticated remote attacker can take any action as an administrator using the remote management web server.

D-Link is maintaining a page to inform users of this issue and provide updates as patches are released.