![]() Lack of proper firmware protection-since the protection of the firmware images is non-existent, an attacker could upload a new, malicious firmware version to the router. ![]() Here's the list of 10 zero-day vulnerabilities affect both D-Link 850L revision A and revision B Kim discovered: ![]() So, Kim opted to publicly disclose the details of these zero-day flaws this time and published their details without giving the Taiwan-based networking equipment maker the chance to fix them. The same happened in February, when the researcher reported nine security flaws in D-Link products but disclosed the vulnerabilities citing a "very badly coordinated" disclosure with D-Link. These zero-day vulnerabilities were discovered by Pierre Kim-the same security researcher who last year discovered and reported multiple severe flaws in D-Link DWR-932B LTE router, but the company ignored the issues. If successfully exploited, these vulnerabilities could allow hackers to intercept connection, upload malicious firmware, and get root privileges, enabling them to remotely hijack and control affected routers, as well as network, leaving all connected devices vulnerable to cyber attacks as well.
0 Comments
Leave a Reply. |