WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers
Remote Hacking Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, Remote Hacking
leaving millions of home and business networks open to cyberattacks
—even if they are secured with a strong password. Remote Hacking
which, if exploited, could allow remote attackers to execute arbitrary commands on vulnerable networking devices via specially-crafted requests and even launch denial-of-service attacks.
D-Link DSR-150, DSR-250, DSR-500, and DSR-1000AC and other VPN router models in
the DSR Family running firmware version 3.14 and 3.17 are vulnerable to the remotely exploitable root command injection flaw.
The Taiwanese networking equipment maker confirmed the issues in an advisory on December 1,
“From both WAN and LAN interfaces, this vulnerability could be exploited over the Internet,”
Digital Defense said in a report published today and shared with The Hacker News.
“Consequently, a remote, unauthenticated attacker with access to the router’s web interface could execute arbitrary commands as root,
effectively gaining complete control of the router.”
The flaws stem from the fact that the vulnerable component, the “Lua CGI,”
is accessible without authentication and lacks server-side filtering,
thus making it possible for an attacker
— authenticated or otherwise. Remote Hacking
A separate vulnerability reported by Digital Defense concerns the modification of the router configuration file to inject rogue CRON entries and execute arbitrary commands as the root user.
“The device uses a plain text config, which is the design to directly edit and upload the config to the same DSR devices accordingly,”
“The device uses a plain text config, which is the design to directly edit and upload the config to the same DSR devices accordingly,”
the company said. Remote Hacking
“If D-Link mitigates issue #1 and #2, as well as other, Remote Hacking
“If D-Link mitigates issue #1 and #2, as well as other, Remote Hacking
recently reported issues, the malicious user would need to engineer a way of gaining access to the device to upload a configuration file,
With the unprecedented rise in work from home as a result of the COVID-19 pandemic,
more employees may be connecting to corporate networks using one of the affected devices, Digital Defense cautioned.
As organizations have scrambled to adapt to remote work and offer secure remote access to enterprise systems,
the change has created new attack surfaces,
with flaws in VPNs becoming popular targets for attackers to gain entry into internal corporate networks.
It’s recommended that businesses using the affected products apply the relevant updates as and when they are available.
It’s recommended that businesses using the affected products apply the relevant updates as and when they are available.