"Exploited: Critical Security Risks in Over 92,000 D-Link NAS Devices"

April 8, 2024 at 06:56 PM

•

1 min read

"Exploited: Critical Security Risks in Over 92,000 D-Link NAS Devices" — Photo: Ars Technica

TL;DR Summary

Hackers are actively exploiting critical vulnerabilities in 92,000 D-Link network-attached storage devices, which can be remotely taken over by sending malicious commands through simple HTTP traffic. D-Link has no plans to patch the vulnerabilities in end-of-life devices, leaving them unsupported. The vulnerabilities, found in the nas_sharing.cgi programming interface, allow for remote takeover and have severity ratings of 9.8 and 7.3. The best defense is to replace end-of-life hardware or ensure it's running the most recent firmware, and to disable UPnP and remote Internet connections unless necessary and properly configured.

Topics:technology #cybersecurity #d-link #exploitation #network-attached-storage #technology #vulnerability

Share this article

Critical takeover vulnerabilities in 92000 D-Link devices under active exploitation Ars Technica
Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks BleepingComputer
Over 92,000 Internet-facing D-Link NAS devices can be easily hacked Security Affairs
Thousands of D-Link NAS devices have serious backdoor security issues TechRadar
Over 92000 D-Link NAS devices face compromise risk SC Media

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

85%

605 → 89 words

Want the full story? Read the original article

Read on Ars Technica

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights