{"id":1113,"date":"2020-12-08T16:53:31","date_gmt":"2020-12-08T16:53:31","guid":{"rendered":"http:\/\/zerothcode.com\/blog\/?p=1113"},"modified":"2020-12-08T16:53:31","modified_gmt":"2020-12-08T16:53:31","slug":"warning-critical-remote-hacking-flaws-affect-d-link-vpn-routers","status":"publish","type":"post","link":"https:\/\/zerothcode.com\/blog\/warning-critical-remote-hacking-flaws-affect-d-link-vpn-routers\/","title":{"rendered":"WARNING \u2014 Critical Remote Hacking Flaws Affect D-Link VPN Routers"},"content":{"rendered":"

Remote Hacking Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, Remote Hacking<\/p>\n

leaving millions of home and business networks open to cyberattacks<\/h4>\n

\u2014even if they are secured with a strong password. Remote Hacking<\/h4>\n

which, if exploited, could allow remote attackers to execute arbitrary commands on vulnerable networking devices via specially-crafted requests and even launch denial-of-service attacks.<\/p>\n

D-Link DSR-150, DSR-250, DSR-500, and DSR-1000AC and other VPN router models in<\/p>\n

the DSR Family running firmware version 3.14 and 3.17 are vulnerable to the remotely exploitable root command injection flaw.<\/p>\n

The Taiwanese networking equipment maker\u00a0confirmed<\/a>\u00a0the issues in an advisory on December 1,<\/p>\n

“From both WAN and LAN interfaces, this vulnerability could be exploited over the Internet,”<\/p>\n

Digital Defense said in a report published today and shared with The Hacker News.<\/p>\n

“Consequently, a remote, unauthenticated attacker with access to the router’s web interface could execute arbitrary commands as root,<\/p>\n

effectively gaining complete control of the router.”<\/p>\n

The flaws stem from the fact that the vulnerable component, the “Lua CGI,”<\/p>\n

is accessible without authentication and lacks server-side filtering,<\/p>\n

thus making it possible for an attacker<\/p>\n

\u2014 authenticated or otherwise. Remote Hacking<\/p>\n

\n
\"Remote<\/a>
Remote Hacking<\/figcaption><\/figure>\n<\/div>\n

A separate vulnerability reported by Digital Defense concerns the modification of the router configuration file to inject rogue CRON entries and execute arbitrary commands as the root user.<\/p>\n

“The device uses a plain text config, which is the design to directly edit and upload the config to the same DSR devices accordingly,”<\/p>\n

“The device uses a plain text config, which is the design to directly edit and upload the config to the same DSR devices accordingly,”<\/p>\n

the company said. Remote Hacking<\/p>\n

“If D-Link mitigates issue #1 and #2, as well as other, Remote Hacking<\/h4>\n

“If D-Link mitigates issue #1 and #2, as well as other, Remote Hacking<\/h4>\n

recently reported issues, the malicious user would need to engineer a way of gaining access to the device to upload a configuration file,<\/p>\n

With the unprecedented rise in work from home as a result of the COVID-19 pandemic,<\/p>\n

more employees may be connecting to corporate networks using one of the affected devices, Digital Defense cautioned.<\/p>\n

As organizations have scrambled to adapt to remote work and offer secure remote access to enterprise systems,<\/p>\n

the change has created new attack surfaces,<\/p>\n

with flaws in VPNs\u00a0becoming popular targets for attackers to gain entry into internal corporate networks.<\/p>\n

It’s recommended that businesses using the affected products apply the relevant updates as and when they are available.<\/p>\n

It’s recommended that businesses using the affected products apply the relevant updates as and when they are available.<\/p>\n","protected":false},"excerpt":{"rendered":"

Remote Hacking Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, Remote<\/p>\n","protected":false},"author":1,"featured_media":1114,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[37],"tags":[],"yst_prominent_words":[],"class_list":["post-1113","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hackers-news"],"_links":{"self":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/posts\/1113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/comments?post=1113"}],"version-history":[{"count":0,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/posts\/1113\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/media\/1114"}],"wp:attachment":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/media?parent=1113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/categories?post=1113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/tags?post=1113"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/yst_prominent_words?post=1113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}