Security News

The D-Link EXO AX4800 router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link DIR-X4860 router is a high-performance Wi-Fi 6 router capable of speeds of up to 4800 Mbps and advanced features like OFDMA, MU-MIMO, and BSS Coloring that enhance efficiency and reduce interference.

A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further...

Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked...

Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage devices exposed online and unpatched against a critical remote code execution zero-day flaw. Mirai variants are usually designed to add infected devices to a botnet that can be used in large-scale distributed denial-of-service attacks.

A vulnerability in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found.The existence of the flaw was confirmed by D-Link last week, and an exploit for opening an interactive shell has popped up on GitHub.

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage device models. The two main issues contributing to the flaw, tracked as CVE-2024-3273, are a backdoor facilitated through a hardcoded account and a command injection problem via the "System" parameter.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This...

On October 1, word of a data breach spread after a post on a hacking forum claimed to be selling 3 million lines of customer information as well as D-View source code for a one-time $500 fee. D-Link's public disclosure confirmed it became aware of the incident on October 2 and with the help of investigators called in from Trend Micro, the company determined the actual number of stolen records to be around the 700 mark - substantially off the previously advertised total.

Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed...

Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. The attacker claims to have stolen source code for D-Link's D-View network management software, along with millions of entries containing personal information of customers and employees, including details on the company's CEO. The stolen data allegedly includes names, emails, addresses, phone numbers, account registration dates, and the users' last sign-in dates.