Security News > 2016 > August > XSS flaw in D-Link NAS devices allows attackers to mess with your data (Help Net Security)
2016-08-29 19:26
Security researcher Benjamin Daniel Mussler has unearthed an XSS flaw affecting seven D-Link NAS devices – a flaw which could allow attackers to access the devices and peruse and change the stored contents. He first found it in the firmware of D-Link DNS-320 rev A, a Network Storage Enclosure that allows users to access stored data via SMB and can be configured through a web interface. “The device’s administrative web interface contains a Stored Cross-Site … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/2kemFI_nxCo/
Related news
- Over 92,000 exposed D-Link NAS devices have a backdoor account (source)
- 92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273) (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks (source)