Security News > 2024 > April > Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks
Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage devices exposed online and unpatched against a critical remote code execution zero-day flaw.
Mirai variants are usually designed to add infected devices to a botnet that can be used in large-scale distributed denial-of-service attacks.
The spokesperson added that these NAS devices do not have automatic online updating or alert delivery capabilities, making it impossible to notify the owners of these ongoing attacks.
"If US consumers continue to use these devices against D-Link's recommendation, please make sure the device has the last known firmware," D-Link warned.
What D-Link didn't say is that NAS devices shouldn't be exposed online since they are commonly targeted in ransomware attacks to steal or encrypt data.
Over 92,000 exposed D-Link NAS devices have a backdoor account.
News URL
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)