Menu
What's new
By:
Filters Better Search

News [Ars] Critical takeover vulnerabilities in EOL'd D-Link NASes are being exploited

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

Dan Goodin

Guest
"Hackers are actively exploiting a pair of recently discovered vulnerabilities to remotely commandeer network-attached storage devices manufactured by D-Link, researchers said Monday.

Roughly 92,000 devices are vulnerable to the remote takeover exploits, which can be remotely transmitted by sending malicious commands through simple HTTP traffic. The vulnerability came to light two weeks ago. The researcher said they were making the threat public because D-Link said it had no plans to patch the vulnerabilities, which are present only in end-of-life devices, meaning they are no longer supported by the manufacturer."

Continue reading on Ars Technica
 
Last edited by a moderator:
"Vulnerabilities" is a polite way of saying that, once again, D-Link has shipped products with deliberate backdoors implemented, with hardcoded credentials. Same thing happened a few years ago with some of their routers.

Software bugs are one thing. Backdoors and hardcoded credentials are another.
 
D-Link; when you don't care about network security in the least.
 
You must log in or register to reply here.

Similar threads

torstein
Avoid Consumer Routers
2
Replies
39
Views
6K
netware5
netware5
D
Ars: Internet routers running Tomato are under attack by notorious crime gang
2
Replies
25
Views
10K
schonzen
S
D
Ars: Advanced CIA firmware can turn home routers into recon slaves
2
Replies
33
Views
7K
ColinTaylor
C

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 802 (members: 33, guests: 769)
Top