Thousands of D-Link NAS devices have serious backdoor security issues



A high-severity vulnerability has been recently discovered in certain D-Link Network Attached Storage (NAS) instances which could be used to run malicious code, steal sensitive data, and mount denial-of-service (DoS) attacks.

Cybersecurity researcher Netsecfish, who discovered the flaw, found multiple instances of D-Link’s NAS devices have an arbitrary command injection flaw in the “system” parameter, and a hardcoded account that can be used to access the device. As a result, hackers can run commands as they please:



Source Article Link

Leave a Comment