Diğerleri

Thousands of D-Link NAS devices have serious backdoor security issues

Apr 9, 2024 #bose soundbar, #rel sub, #www.audiophile.org

Thousands of D-Link NAS devices have serious backdoor security issues

bose soundbar, rel sub, En İyi Ev Ses Sistemi, Ev Ses Sistemleri Online, müzik dinlemek için en iyi hoparlörler, ev stereo sistemi bileşenleri, Satılık Müzik Seti

A high-severity vulnerability has been recently discovered in certain D-Link Network Attached Storage (NAS) instances which could be used to run malicious code, steal sensitive data, and mount denial-of-service (DoS) attacks.

Cybersecurity researcher Netsecfish, who discovered the flaw, found multiple instances of D-Link’s NAS devices have an arbitrary command injection flaw in the “system” parameter, and a hardcoded account that can be used to access the device. As a result, hackers can run commands as they please:

“Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive information, modification of system configurations, or denial of service conditions,” the researcher said.

No patch

The vulnerability is tracked as CVE-2024-3273. Apparently, there are roughly 92,000 of these D-Link NAS devices in use today, meaning that the attack surface is relatively large.

Multiple models are affected, including: DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013; DNS-325 Version 1.01; DNS-327L Version 1.09, Version 1.00.0409.2013; and DNS-340L Version 1.08.

Unfortunately, the patch is not coming. These devices, D-Link confirmed to BleepingComputer, are way past their end of life, and as such will not be fixed. The company released a security bulletin, and urged its customers to replace the devices with newer versions as soon as possible.

“All D-Link Network Attached storage has been End of Life and of Service Life for many years [and] the resources associated with these products have ceased their development and are no longer supported,” the spokesperson told the publication. “D-Link recommends retiring these products and replacing them with products that receive firmware updates.”

Even those that receive firmware updates should never be exposed to the internet as cybercriminals see them as valuable targets.

More from TechRadar Pro

  • UK government releases new cloud SCADA security guidance for OT
  • Here’s a list of the best firewalls around today
  • These are the best endpoint security tools right now

En İyi Ev Ses Sistemi,
Ev Ses Sistemleri Online,
müzik dinlemek için en iyi hoparlörler,
ev stereo sistemi bileşenleri,
Satılık Müzik Seti

stereoguide-referencehometheater-techradar

Related Post

Bluetooth Earphones Bluetooth Headphones Bluetooth Speakers DACs Diğerleri Earphones Mobile DAC Noise Cancelling Headphones Planar Headphones

Yulia Niko: “Never Listen To Anyone”

May 1, 2024
Diğerleri

NYT Strands today — hints, answers and spangram for Wednesday, May 1 (game #59)

May 1, 2024
Diğerleri

Quordle today – hints and answers for Wednesday, May 1 (game #828)

May 1, 2024

Şu Ürünleri Kaçırmayın

Headphones, Applause Awards , 2024, Headphones, Over / On Ear ,

Austrian Audio The Composer Headphones Review

01/05/2024
Hi-Fi, Headphones,

Volumio Motivo – Stylish Streaming Headphone Amp

01/05/2024
Hi-Fi, HiFi Show,

Origin Live’s Renown Tonearm Makes European Debut

01/05/2024
Müzik Seti Sehpası

SRA Silent Running Audio Scuttle Audio Rack

01/05/2024