0
0
Hackers Target Vulnerabilities in D-Link Network-Attached Storage Devices
Recent reports indicate that hackers have been actively exploiting vulnerabilities in network-attached storage devices manufactured by D-Link, posing a significant threat to approximately 92,000 vulnerable devices. These exploits allow attackers to take control of the devices remotely by sending malicious commands via simple HTTP traffic.
Root of the Issue
The vulnerabilities were first revealed two weeks ago, shedding light on the risks associated with end-of-life devices that are no longer supported by D-Link. Despite the lack of support from the manufacturer, security researchers have made these threats public to raise awareness about the potential dangers posed by these exploits.
Active Exploitation
Reports from security organizations indicate that active attempts to exploit these vulnerabilities have been detected, with malicious activity observed over the weekend. Attackers are targeting vulnerable devices with the aim of downloading and installing various forms of malware, exploiting weaknesses in the nas_sharing.cgi programming interface.
One of the vulnerabilities, tracked as CVE-2024-3272, involves a backdoor account with hardcoded credentials in the firmware, while the second flaw, CVE-2024-3273, allows for remote command injection through HTTP GET requests. These vulnerabilities create an ideal scenario for remote takeovers, with severity ratings of 9.8 and 7.3 out of 10, respectively.
Protective Measures
To safeguard against these attacks, users are advised to replace end-of-life hardware where possible. Alternatively, ensuring that devices are running the latest firmware can help mitigate risks. D-Link has released an advisory listing affected models and recommending retirement and replacement of vulnerable devices.
In the event that replacement is not feasible, users should disable UPnP and restrict connections from remote Internet addresses unless necessary. By following these recommendations and staying informed about potential threats, users can better protect their network-attached storage devices from malicious exploits.
Image/Photo credit: source url
