From the Article
The affected devices include the D-Link DNS-320, 320L, 326, 327L, 320B, 345, 325, and 322L.
Researchers have identified dozens of vulnerabilities in several D-Link products, some of which allow attackers to bypass authentication requirements or upload arbitrary files to target devices
The Search-Lab researchers also found what they termed a backdoor on some of the D-Link devices.
“So a new admin session was created without requiring username and password. After it, the attacker had to do only to set the Cookie to username=admin and full access to the device was obtained.”
For More Information check the link below
No comments:
Post a Comment