A number of firmware flaws in D-Link VPN routers could expose these devices to zero-day attacks exploitation. These vulnerabilities have not been fully fixed, so threat actors could launch root command injection attacks remotely to take control of an affected device.
Affected models include the D-Link DSR-150, DSR-250, DSR-500, and DSR-1000AC VPN running firmware version 3.14 and 3.17.
On the attack, the report mentions that this depends on the exploitation of three chained flaws, identified as a LAN/WAN root command injection vulnerability, command injection flaws, and an authenticated contrab injection.
Shortly the next D-Link formed fault detection, tracked as CVE-2020-2557, CVE-2020-25759 and CVE-2020-25758. The company added that the patches for the beta version, in addition to the recommended mitigation methods, significantly reduce the risk of exploiting this flaw: “The two vulnerabilities were confirmed and the patches are already in development. One of the reported flaws is actually a design condition, so a security patch will not be released,” adds the D-Link report.
The first two flaws will be completely mitigated in the coming weeks, the company says: “We have created a patch for affected versions and models. Please refer to the information provided on our official platforms to protect your devices.”
Routers are common home network devices sold at numerous points of sale, meaning that millions of people working remotely could be exposed to multiple attack variants, although no active exploit attempts have been detected. Isolation measures remain in place due to constant COVID-19 outbreaks, so technology developers need to pay more attention to security in home networks to prevent further security incidents.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.