A cybersecurity researcher using the online moniker ‘NetworkSecurityFish’ disclosed two vulnerabilities in some D-Link network-attached storage (NAS) devices that can allow an attacker to take control of the device. One vulnerability allows remote access to the device’s web management interface, while the other allows command injection.
D-Link has issued an advisory to warn its customers about the vulnerabilities, but it is not releasing patches because all affected products have reached end-of-life.
Read more – Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.