-
Critical bug in EoL D-Link NAS devices now exploited in attacks
Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices.
- November 13, 2024
- 01:36 PM
2
-
D-Link won’t fix critical bug in 60,000 exposed EoL modems
Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user's password and take complete control of the device.
- November 12, 2024
- 03:31 PM
3
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
D-Link won’t fix critical flaw affecting 60,000 older NAS devices
More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit.
- November 08, 2024
- 02:21 PM
- 2
-
D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials.
- September 16, 2024
- 10:24 AM
- 3
-
D-Link says it is not fixing four RCE flaws in DIR-846W routers
D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported.
- September 03, 2024
- 11:46 AM
- 4
-
Hackers exploit critical D-Link DIR-859 router flaw to steal passwords
Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords.
- June 29, 2024
- 11:18 AM
- 2
-
CISA warns of hackers exploiting Chrome, EoL D-Link bugs
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers.
- May 19, 2024
- 10:17 AM
- 0
-
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.
- May 14, 2024
- 06:10 PM
- 0
-
Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks
Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage (NAS) devices exposed online and unpatched against a critical remote code execution (RCE) zero-day flaw.
- April 08, 2024
- 06:17 PM
- 1
-
Over 92,000 exposed D-Link NAS devices have a backdoor account
A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.
- April 06, 2024
- 10:16 AM
- 0
-
D-Link confirms data breach after employee phishing attack
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month.
- October 17, 2023
- 02:48 PM
- 0
-
D-Link WiFi range extender vulnerable to command injection attacks
The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and remote command injection.
- October 09, 2023
- 05:53 PM
- 1
-
D-Link fixes auth bypass and RCE flaws in D-View 8 software
D-Link has fixed two critical-severity vulnerabilities in its D-View 8 network management suite that could allow remote attackers to bypass authentication and execute arbitrary code.
- May 25, 2023
- 12:57 PM
- 0
-
CISA orders agencies to patch Chrome, D-Link flaws used in attacks
CISA has added 12 more security flaws to its list of bugs exploited in attacks, including two critical D-Link vulnerabilities and two (now-patched) zero-days in Google Chrome and the Photo Station QNAP software.
- September 08, 2022
- 03:11 PM
- 0
-
Moobot botnet is coming for your unpatched D-Link router
The Mirai malware botnet variant known as 'MooBot' has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits.
- September 06, 2022
- 04:40 PM
- 1
-
D-Link VPN routers get patch for remote command injection bugs
A vulnerability in D-link firmware powering multiple routers with VPN passthrough functionality allows attackers to take full control of the device.
- December 08, 2020
- 09:02 AM
- 0
-
5 severe D-Link router vulnerabilities disclosed, patch now
5 severe D-Link vulnerabilities have been disclosed that could allow an attacker to take complete control over a router without needing to login.
- July 24, 2020
- 08:15 AM
- 1
-
D-Link leaves severe security bugs in home router unpatched
D-Link has released a firmware update to fix three out of six security vulnerabilities reported for the DIR-865L wireless router model for consumers. One flaw is rated critical, others are high-severity.
- June 12, 2020
- 03:19 PM
- 4
-
Bugs in D-Link and Comba Networking Gear Disclose Passwords
Vulnerabilities found in networking gear from D-Link and Comba allow retrieving sensitive information like ISP credentials and device access passwords without authentication.
- September 10, 2019
- 09:57 AM
- 0
-
D-Link Settles FTC Lawsuit, Promises to Enhance Device Security
Taiwanese networking equipment manufacturer D-Link today settled a Federal Trade Commission (FTC) lawsuit originating from a 2017 complaint saying that it failed to properly secure its Internet-connected cameras and wireless routers.
- July 02, 2019
- 04:14 PM
- 0
- 1
- 2
