Critical Security Flaw Left Open by D-Link Leaves Routers at Mercy of Cybercriminals

Critical Security Flaw Left Open by D-Link Leaves Routers at Mercy of Cybercriminals

Frank Lv13
  2024-08-29 01:33:44 2024-08-29 01:33:44 Created   2024-08-30 01:33:44 2024-08-30 01:33:44 Updated    

Security researchers have discovered a critical vulnerability that affects D-Link DIR-859 Wi-Fi routers. This vulnerability, which is currently being exploited by hackers, can expose user credentials and provide remote access to a user’s local network. D-Link won’t patch the problem and suggests that customers buy a new router.

The vulnerability, tracked as CVE-2024-0769 , carries a severity score of 9.8 and affects all D-Link DIR-859 routers (regardless of their current firmware version).

Hackers can exploit the CVE to target the ‘DEVICE.ACCOUNT.xml’ file and obtain sensitive information, such as the device’s password. Configuration files associated with access control lists (ACLs) and device firewall settings may also be targeted.

The D-Link DIR-856 router on a white background.

D-Link

“The exploit’s variations, including one observed in the wild by GreyNoise, enable the extraction of account details from the device. The product is End-of-Life, so it won’t be patched, posing long-term exploitation risks. Multiple XML files can be invoked using the vulnerability.” - GreyNoise

Researchers first identified CVE-2024-0769 in January of 2024. Security monitoring group GreyNoise has since observed an attempt to exploit the vulnerability in the wild. While “an” attack isn’t too scary, this CVE has been disclosed for a while, so previous attacks may have simply gone undetected. (And, in any case, future attacks are certain.)

The D-Link DIR-859 launched in 2015 and reached end of service on December 10th, 2020. It’s an extremely outdated router, so poor security doesn’t come as much of a surprise. D-Link has published a security advisory to raise awareness of the issue, but it refuses to provide a patch, which is also unsurprising.

For those wondering, D-Link doesn’t appear to be offering discounts or coupons to affected customers.

Those who currently use the D-Link DIR-859 Wi-Fi router should replace it with a new router . Thankfully, the DIR-859 was an entry-level router with limited speeds and specs—any cheap replacement will be an upgrade in terms of speed, reliability, and security. If you’re on a budget, I suggest the ASUS RT-AX1800S . It offers Wi-Fi 6 connectivity, five Gigabit LAN ports, and dual-band MU-MIMO functionality (which was a notable omission from the D-Link DIR-859 at the time of its release).

Whatever router you choose, be sure to set it up with a brand new username and password. The username and password associated with your D-Link DIR-859 router may have been compromised.

Source: GreyNoise via TechRadar

EaseText Audio to Text Converter for Windows (Personal Edition) - An intelligent tool to transcribe & convert audio to text freely

  • Title: Critical Security Flaw Left Open by D-Link Leaves Routers at Mercy of Cybercriminals
  • Author: Frank
  • Created at : 2024-08-29 01:33:44
  • Updated at : 2024-08-30 01:33:44
  • Link: https://tech-revival.techidaily.com/critical-security-flaw-left-open-by-d-link-leaves-routers-at-mercy-of-cybercriminals/
  • License: This work is licensed under CC BY-NC-SA 4.0.
On this page
Critical Security Flaw Left Open by D-Link Leaves Routers at Mercy of Cybercriminals
  1. Critical Security Flaw Left Open by D-Link Leaves Routers at Mercy of Cybercriminals