Security News > 2024 > April > Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks
Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage devices exposed online and unpatched against a critical remote code execution zero-day flaw.
Mirai variants are usually designed to add infected devices to a botnet that can be used in large-scale distributed denial-of-service attacks.
The spokesperson added that these NAS devices do not have automatic online updating or alert delivery capabilities, making it impossible to notify the owners of these ongoing attacks.
"If US consumers continue to use these devices against D-Link's recommendation, please make sure the device has the last known firmware," D-Link warned.
What D-Link didn't say is that NAS devices shouldn't be exposed online since they are commonly targeted in ransomware attacks to steal or encrypt data.
Over 92,000 exposed D-Link NAS devices have a backdoor account.
News URL
Related news
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- D-Link won’t fix critical flaw affecting 60,000 older NAS devices (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)