The article is a bit technical but the bottom line is this: There’s a giant back door in many D-Link Wifi routers!
In other words, if your browser’s user agent string is “xmlset_roodkcableoj28840ybtide” (no quotes), you can access the web interface without any authentication and view/change the device settings (a DI-524UP is shown, as I don’t have a DIR-100 and the DI-524UP uses the same firmware):
Based on the source code of the HTML pages and some Shodan search results, it can be reasonably concluded that the following D-Link devices are likely affected:
DIR-100
DIR-120
DI-624S
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240
Additionally, several Planex routers also appear to use the same firmware:
Michael Sauers is the Technology Manager for Do Space in Omaha, NE. After earning his MLS in 1995 from the University at Albany's School of Information Science and Policy Michael spent his first 20 years as a librarian training other librarians in technology along with time as a public library trustee, a bookstore manager for a library friends group, a reference librarian, a technology consultant, and a bookseller. He has written dozens of articles for various journals and magazines and has published 14 books ranging from library technology, blogging, Web design, and an index to a popular horror magazine. In his spare time, he blogs at TravelinLibrarian.info, runs The Collector's Guide to Dean Koontz website at CollectingKoontz.com, takes many, many photos, and typically reads more than 100 books a year.
View all posts by Michael Sauers