1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

D-Link vulnerability impacts 400,000 devices

Discussion in 'CSO' started by RSS, Jul 7, 2016.

  1. RSS

    RSS New Member Member

    Researchers at Senrio have released technical details surrounding a vulnerability in D-Link products, which if exploited, would allow a remote attacker full access to the devices. After being notified earlier this year, D-Link has promised to deliver fixes.

    In June, Senrio briefly described the issue on their company blog, and while they used their own custom tools, an attacker could replicate their work in order to target a vulnerable product.

    "The vulnerability allows code injection which lets the attacker set a custom password, granting remote access to the camera feed. Thus, even if users create a strong password, this type of exploit can override it. Instead of setting a new password as the exploit, an attacker could just as easily add a new user with administrator access, download firmware or otherwise re-configure this device," June's post explained.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page