D-Link router DSL-2740R, and potential more like it, are supposedly exposed to DNS hijacking – which hackers can use to entice victims to servers and dodgy sites.

According to Bulgarian security investigator Todor Donev, the defect lies in specific builds of ZyXEL’s ZynOS firmware, which is utilized in network hardware from TP-Link Technologies, ZTE and Dlink. The kit that was affected is targeted at little businesses and homes.

Routers running the vulnerable applications expose their internal web servers Donev claims, to the open net, and permit anyone to remotely configure the apparatus without needing to log in.

http://x.x.x.x/Forms/dns_1?Empower_DNSFollowing=1&dnsPrimary=a.a.a.a
It seems quite much like the susceptibility found in ADB Pirelli routers.

Donev went public about the Dlink susceptibility without notifying the affected sellers.

In case these name servers are malicious, they may point browsers at sites booby-trapped to infect computers with malware, or fake login pages to harvesting passwords.

Said login pages may be dressed up as online banking website or a legit webmail; they’re going to have a really terrible time if they type in their username and password, if a victim does not see that the website is not HTTPS shielded with the right certification.

Donev has published a proof of concept exploit for the D-Link DSL-2740R, a double-function ADSL modem/wireless router apparatus.