12-17-2020 , 10:18 PM
Five major vulnerabilities have been discovered affecting D-Link routers by cybersecurity researchers working as part of Trustwave’s SpiderLabs team.
The bugs could enable attackers on the same [color=rgb( var(--theme-link) )]Wi-Fi network to gain user credentials and remotely execute code on the victim’s router.[/color]
The findings represent further bad news for D-Link, after the firm had to hastily patch a vulnerability found in its VPN routers. That disclosure, which was carried out by threat management firm Digital Defense only came to light [color=rgb( var(--theme-link) )]earlier this month.[/color]
“On the 30th of October, D-Link published a support announcement and released new firmware to patch five vulnerabilities that I identified on the DSL-2888A router as a part of the security research I do for Trustwave SpiderLabs,” Harold Zang, Technical Specialist at Trustwave SpiderLabs, [color=rgb( var(--theme-link) )]explained. [/color]
“These security vulnerabilities could allow a malicious Wi-Fi or local network user to gain unauthorized access to the router web interface, obtain the router password hash, gain plaintext credentials, and execute system commands on the router.”
Source
The bugs could enable attackers on the same [color=rgb( var(--theme-link) )]Wi-Fi network to gain user credentials and remotely execute code on the victim’s router.[/color]
The findings represent further bad news for D-Link, after the firm had to hastily patch a vulnerability found in its VPN routers. That disclosure, which was carried out by threat management firm Digital Defense only came to light [color=rgb( var(--theme-link) )]earlier this month.[/color]
“On the 30th of October, D-Link published a support announcement and released new firmware to patch five vulnerabilities that I identified on the DSL-2888A router as a part of the security research I do for Trustwave SpiderLabs,” Harold Zang, Technical Specialist at Trustwave SpiderLabs, [color=rgb( var(--theme-link) )]explained. [/color]
“These security vulnerabilities could allow a malicious Wi-Fi or local network user to gain unauthorized access to the router web interface, obtain the router password hash, gain plaintext credentials, and execute system commands on the router.”
Source