Last week Craig Heffner, specialized on the embedded device hacking exposed a serious backdoor in number of D-Link routers allows unauthorized backdoor access. Routers contain a flaw in the httpd component, as thefunction spawns a backdoor service that listens for incoming messages containing commands to execute. A remote attacker with access to the local network can execute arbitrary commands with root privileges, after access. Some of the vulnerable routers are W302R and W330R as well as re-branded models, such as the Medialink MWN-WAPR150N.
Source: https://thehackernews.com/2013/10/backdoor-found-in-chinese-tenda.html