rom-0 vulnerability?

[Angilion]

Avast! reports this as a major security issue, but I'm not finding much info online for it.

Remote access to my router is disabled, so I'm not sure if this issue would apply anyway. Is there an easy way to test if it's an actual vulnerability rather than a potential one?

My ISP is TalkTalk, which treats it as a non-issue. Which would be reassuring if I trusted them.

My router is a D-Link DSL-3680 and the firmware version is 1.08t.

 

[KIA]

http://community.talktalk.co.uk/t5/...-3680-vulnerability-rom-0/m-p/1507075#M550529
http://broadband.telecom.uk.groups.com.ru/177320-TalkTalk_DSL3680_WPS_security_vulnerability
http://www.broadbandbanter.co.uk/43848-talktalk-dsl-3680-wps-security-vulnerability.html

Disabling WPS is your best bet.

 

[Angilion]

Thanks for taking the time to reply, but the 1st link is TalkTalk saying it isn't a problem (and apparently not knowing what it is) and the other two are a different vulnerability. I disabled WPS PIN anyway, along with the rest of wi-fi. I don't need wireless, so I disabled it straight away. The rom-0 vuln isn't about wireless.

http://brezular.com/2014/06/20/zynos-rom-0-exploit/

for some information. The router admin password is stored in an unencrypted form in a remotely accessible file. Not a good idea, but a whole slew of routers apparently do it.

 

[bremen1874]

Irrespective of any real or imagined risk your firmware appears to be out of date. TalkTalk's own pages show the D-Link DSL-3680 at v1.12t.