D-Link routers are affected by a flawed implementation of the Home Network Administration Protocol (HNAP) Local and external attackers can reportedly exploit the flaw to gain access to the router’s network settings. SourceSec say they have verified that this administrative access via HTTP is vulnerable in the DI-524, DIR-628 and D IR-655 routers. The security firm describes further details in a paper ; a sample exploit called HNAP0wn can also be found on their website.”]
Source: http://www.h-online.com/security/news/item/Hidden-admin-access-on-D-Link-routers-900628.html