D-Link Router Software
4/22/2021
As reported by BleepingComputer, the company's router firmware images have been leaking the secret key used to encrypt their proprietary firmware binaries. Moreover, some devices have reached their end-of-life phase, which means they wouldn't be patched. An attacker can perform command injection by injecting the payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet, stated Loginsoft's advisory.
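One way a device could check the ST field described above before acting on it, shown as an added example (not code from the vendor's firmware or from Loginsoft's advisory): an allowlist that accepts only the search-target forms SSDP defines (`ssdp:all`, `upnp:rootdevice`, `uuid:...`, `urn:...`) and rejects everything else. The function names, the `ST_MAX` limit and the sample packet are assumptions made for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define ST_MAX 128 /* assumed upper bound on search-target length */
/* Allowlist: ssdp:all, upnp:rootdevice, or uuid:/urn: plus [A-Za-z0-9:._-]+ */
int st_is_valid(const char *st)
{
    size_t n = strlen(st);
    size_t p = !strncmp(st, "uuid:", 5) ? 5 : !strncmp(st, "urn:", 4) ? 4 : 0;
    if (!strcmp(st, "ssdp:all") || !strcmp(st, "upnp:rootdevice")) return 1;
    if (p == 0 || n == p || n > ST_MAX) return 0;
    for (size_t i = p; i < n; i++)
        if (!isalnum((unsigned char)st[i]) && !strchr(":._-", st[i]))
            return 0; /* space, quote, shell metacharacter or control byte */
    return 1;
}

/* Copy the ST value of a NUL-terminated packet into out; 0 = ok, -1 = missing or too long. */
int extract_st(const char *pkt, char *out, size_t outlen)
{
    for (const char *line = pkt; line && *line; ) {
        if (toupper((unsigned char)line[0]) == 'S' &&
            toupper((unsigned char)line[1]) == 'T' && line[2] == ':') {
            const char *v = line + 3;
            while (*v == ' ' || *v == '\t') v++;          /* leading whitespace */
            size_t len = strcspn(v, "\r\n");
            while (len && (v[len - 1] == ' ' || v[len - 1] == '\t')) len--;
            if (len >= outlen) return -1;
            memcpy(out, v, len); out[len] = '\0';
            return 0;
        }
        line = strchr(line, '\n'); if (line) line++;     /* next header line */
    }
    return -1;
}

/* 1 = pass the request on to the responder, 0 = drop it. */
int msearch_st_ok(const char *pkt)
{
    char st[ST_MAX + 1];
    return extract_st(pkt, st, sizeof st) == 0 && st_is_valid(st);
}

int main(void)
{
    const char *pkt = "M-SEARCH * HTTP/1.1\r\nST: ssdp:all\r\n\r\n"; /* constructed */
    puts(msearch_st_ok(pkt) ? "accept" : "drop");
    return 0;
}
```

The check only helps if the responder later uses the same validated value; this sketch reads the first ST header and ignores any repeats.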
The recommendation made by Loginsoft ACE Team to mitigate the vulnerability is to follow a blacklisting approach to filter out command injection-related payloads, such as; etc. These devices running firmware versions v1.42 (and below) and v12.06.B09 (and below) remain vulnerable with no upgrade path.

Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, The Register, TechRepublic, CIO, etc. Ax's expertise lies in vulnerability research, reverse engineering, software development, and web app security. He's an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).