A critical severity vulnerability tracked as CVE-2024-0769 was discovered in D-Link DIR-859 WiFi routers discontinued four years ago. Attackers have started exploiting the flaw, allowing them to access and leak sensitive information without authentication remotely. Proof-of-concept code targeting the vulnerability was published, and GreyNoise observed the first in-the-wild attempt to exploit the security defect.
The in-the-wild exploit targets a different file to disclose sensitive information associated with all user accounts on the device. Since the vulnerability affects all D-Link DIR-859 revisions and firmware versions, owners are advised to replace these routers with newer, supported products, as the vendor has stopped providing fixes for these discontinued devices.
Read more: Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.