- Apr 13, 2013
- 3,151
More vulnerabilities have been detected in a D-Link router, withdrawal a device exposed to attacks around a web interface – usually weeks after a find of a “backdoor” in other D-Link devices.
Security researcher Liad Mizrachi pronounced he told a association of a bugs on several occasions, though D-Link unsuccessful to respond, according to Threatpost. The D-Link 2760N – also famous as a D-Link DSL-2760U-BN – is receptive to several cross-site scripting bugs.
Details of Mizrachi’s commentary can be found here.
The news follows a find of a serious “backdoor” disadvantage in several D-Link models, reported by We Live Security here.
Craig Heffner, a confidence researcher, and former worker of a National Security Administration, claimed that a backdoor appears to have been placed deliberately – and could concede enemy entrance to unencrypted data, saying, “You can entrance a web interface but any authentication and view/change a device settings.
The formula that could concede entrance was found on a Russian cybercrime forum, according to Heffner.
D-Link has given released patches for influenced routers, saying, “We are proactively operative with a sources of these reports as good as stability to examination opposite a finish product line to safeguard that a vulnerabilities detected are addressed.”
D-Link is one of a largest manufacturers of networking apparatus on Earth, sole underneath a possess brand. The association describes itself as “the tellurian personality in sum products shipped for consumer networking connectivity.”
CNET spoke to Jacob Holcomb, who detected widespread vulnerabilities in renouned routers progressing this year, who said, “Code created for these inclination continues to yield unsound confidence for today’s digital society, and manufacturers should be hold accountable for a doing of formula that intentionally circumvents security.”
In October, Heffner found vulnerabilities in routers from Tenda – that enclose a dark “backdoor” that could concede enemy to “take over” a router and send it commands, as reported by We Live Security here. The Chinese manufacturer also sells routers branded as Medialink, and a machines are accessible around a world.
Heffner says that he done “short work” of enormous a routers, and that all an assailant needs to do is send a “magic string” to govern commands.
http://www.itsecuresite.com/seclabs...-vulnerable-to-attacks-researcher-claims.html
Security researcher Liad Mizrachi pronounced he told a association of a bugs on several occasions, though D-Link unsuccessful to respond, according to Threatpost. The D-Link 2760N – also famous as a D-Link DSL-2760U-BN – is receptive to several cross-site scripting bugs.
Details of Mizrachi’s commentary can be found here.
The news follows a find of a serious “backdoor” disadvantage in several D-Link models, reported by We Live Security here.
Craig Heffner, a confidence researcher, and former worker of a National Security Administration, claimed that a backdoor appears to have been placed deliberately – and could concede enemy entrance to unencrypted data, saying, “You can entrance a web interface but any authentication and view/change a device settings.
The formula that could concede entrance was found on a Russian cybercrime forum, according to Heffner.
D-Link has given released patches for influenced routers, saying, “We are proactively operative with a sources of these reports as good as stability to examination opposite a finish product line to safeguard that a vulnerabilities detected are addressed.”
D-Link is one of a largest manufacturers of networking apparatus on Earth, sole underneath a possess brand. The association describes itself as “the tellurian personality in sum products shipped for consumer networking connectivity.”
CNET spoke to Jacob Holcomb, who detected widespread vulnerabilities in renouned routers progressing this year, who said, “Code created for these inclination continues to yield unsound confidence for today’s digital society, and manufacturers should be hold accountable for a doing of formula that intentionally circumvents security.”
In October, Heffner found vulnerabilities in routers from Tenda – that enclose a dark “backdoor” that could concede enemy to “take over” a router and send it commands, as reported by We Live Security here. The Chinese manufacturer also sells routers branded as Medialink, and a machines are accessible around a world.
Heffner says that he done “short work” of enormous a routers, and that all an assailant needs to do is send a “magic string” to govern commands.
http://www.itsecuresite.com/seclabs...-vulnerable-to-attacks-researcher-claims.html
