Channel: BOT24

D-Link DIR-600 Wireless Router Vuln Commentary

While security vulnerabilities of the D-Link DIR-600 wireless router have been known for quite a while, I am shocked to see that many of these routers are still in use (in Germany at least) and even *sold* (http://www.amazon.de/dp/B002GHTJ2A).

1. You can brute-force the WPA key using Reaver (https://code.google.com/p/reaver-wps/). The router implements WPS in an insecure way.
2. There is a default account. Username is "admin" and there is no password set up (http://www.helpowl.com/q/D-Link/DIR600/Troubleshooting/default-password-router/9416).
3. You can traverse the router's file system via vulnerable web scripts on the router.
4. The root account's user name and password are stored in clear text and can be read without problems.
5. The router's telnet server can be started using a vulnerable web script on the router.

Translation for not-so-tech-savvy folks: When using a DIR-600 for internet access, people can break into your network via wifi, piggyback on your internet connection and do stuff on the internet such as downloading pirated content or exchanging child pornography. If this gets pursued, you as the ISP's customer could be held liable for this because the action came from your ISP account. Additionally, people could tamper with your network, trick you into entering private data such as online banking credentials and much more. You do NOT want any of this.

D-Link had been informed in spring 2011 (http://www.spect.cl/blog/2011/12/d-link-dir-600-command-injection/) about points 3-5. Point 2 should have been known to them from the start. The WPS vulnerability became publicly known in late 2011.

To my knowledge D-Link has neither released an updated firmware nor even warned customers of this security nightmare.

Wikipedia says (https://en.wikipedia.org/wiki/D-Link):

"In 2007, it was the leading networking company in the small to medium business (SMB) segment worldwide with 21.9% market share. In March 2008, it became the market leader in Wi-Fi product shipments worldwide, with 33% of the total market. In 2007, the company was featured in the "Info Tech 100", a listing of the world's best IT companies. It was also ranked as the 9th best IT company in the world for shareholder returns by BusinessWeek."

This is frightening, to say the least. A company that specializes in networking hardware should not be so oblivious to the security of its products.

What to do?

1. Set up a password for the admin user. This does not fix the command injection vulnerability but it prevents attackers from gaining access to the router setup in the first place. Piggybacking would still be possible though (do not bother setting up MAC filters, these do NOT provide security -- http://www.techrepublic.com/blog/security/how-to-spoof-a-mac-address/395).

2. Install an alternative firmware; DD-WRT should be compatible (http://www.dd-wrt.com/wiki/index.php/DIR-600). If you do not know how to do this, either learn how to do it or replace the device with another router. AVM routers are quite popular in Germany and known to be secure. Their routers, for example, were among the few that were not affected by the WPS vulnerability (by default, that is).



//The information contained within this publication is
//supplied "as-is" with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information

