A group of D-Link routers has a critical security vulnerability that could allow an attacker to access the router's configuration page without the user name and password.
By setting the browser's User-Agent to a specific string, an attacker could bypass all authentication and be logged directly into the router.
For this to work, the attacker needs to directly connect to the router via Ethernet or Wi-Fi.
However, the security researchers said the exploit can be performed from anywhere if the router’s configuration page is publicly accessible.
Affected D-Link model numbers include DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240.
No patch is available yet, but D-Link said it will work on fixing the problem at the firmware level. Firmware version 1.13 has problems.
That is how the researchers found the problem in the first place: they were reverse engineering a firmware update offered by D-Link.