Jump to content
Not connected, Your IP: 13.59.2.242
OpenSourcerer

D-Link "fixed" serious security issues - by adding a fourth serious vulnerability

Recommended Posts

/dev/ttyS0 recently analyzed D-Link's DIR-890L and found a security issue which opens up the possibility of executing any code with privileges of system, i.e. root.

The worst thing about it is: The firmware version was designed to patch three different vulnerabilities in connection with HTTP and UPnP...

 

.. which were, well, not really closed.

  • If you are using a D-Link router or
  • if you are planning on buying one,

scroll to the bottom of the post and see if your model is listed there. If so, you should really think about your habits or your choices, respectively.

 

From what I understood, this can only be exploited in a local network. The truth is: If D-Link doesn't seem to care about exploits in local networks - do you really think they care about what's coming from the internet? You should really abandon the D-Link ship.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...