6 New Critical Vulnerabilities Found in D-Link Routers let Hackers Launch Remote Attacks

Recently, the security experts at Palo Alto Networks has identified 6 new critical vulnerabilities in the DIR-865L model of D-Link routers, which allows the attackers to launch cyberattacks remotely.

DIR-865L model router was initially released in 2012, and it’s no longer supported in the United States, nor in Europe as the status of this product is already termed as dropped. In short, this model has already been discontinued and can no longer be purchased, but still supported by the manufacturer.

That’s why D-Link has released a firmware update that fixes three of the six vulnerabilities that were detected in the DIR-865L wireless router. One of the uncorrected vulnerabilities is critical, and the other two are dangerous. 

By exploiting these security flaws, an attacker can easily execute arbitrary commands, steal confidential information, download malware, or even delete data as well.

EHA

According to the report, 42 security experts at Palo Alto Networks have discovered these critical vulnerabilities in the D-Link DIR-865L at the end of February and reported them to the manufacturer. 

6 Critical Security Flaws

Here are the 6 security flaws discovered by the security experts at Palo Alto Networks:-

  • CVE-2020-13782: Improper Neutralization of Special Elements Used in a Command (Command Injection) 
  • This security flaw was rated 9.8 on the CVSS scale by the security experts, and this security flaw is not yet fixed.
  • This security flaw was rated 8.8 on the CVSS scale by the security experts, and this security flaw is fixed.
  • This security flaw was rated 7.5 on the CVSS scale by the security experts, and currently, this security flaw is fixed.
  • This security flaw was rated 7.5 on the CVSS scale by the security experts, and currently, this security flaw is not yet fixed.
  • This security flaw was rated 7.5 on the CVSS scale by the security experts, and currently, this security flaw is fixed.
  • This security flaw was rated 7.5 on the CVSS scale by the security experts, and this security flaw is not yet fixed.

Although the vulnerability of command injection received a critical assessment of danger from the NVD (National Vulnerability Database), but authentication is required to use it. 

According to one of the security researchers, combining some of these vulnerabilities could allow the attackers to intercept the network traffic and steal session cookies for later use.

In this way, the attackers can easily gain access to the administrative portal for file sharing, which enables them to download arbitrary malicious files, download confidential files, or delete sensitive data on the affected device, as we told earlier. 

Moreover, they can also use the stolen cookies to launch arbitrary commands and launch DoS (Denial-of-service) attacks. Apart from this, D-Link quickly acted and responded to the information provided by the security experts, and released a beta version of the firmware, in which only three vulnerabilities were fixed that we have mentioned above. 

Also Read:

GhostDNS Router Exploit Kit Source Code Leaked to Antivirus Company

Muhstik Botnet Attack & Harvests Vulnerable Linux-based Tomato Routers To Perform DDOS Attacks

BALAJI is a Former Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

LEAVE A REPLY

Please enter your comment!
Please enter your name here