Subj : D-Link routers are being hacked to steal customer passwords  but
To   : All
From : TechnologyDaily
Date : Mon Jul 01 2024 19:15:05

D-Link routers are being hacked to steal customer passwords  but it says 
there is no patch

Date:
Mon, 01 Jul 2024 18:06:41 +0000

Description:
The still-popular D-Link device in question reached end-of-life long ago, and 
as such will not be getting a patch.

FULL STORY
======================================================================

Threat actors are abusing a vulnerability in an outdated D-Link router to 
steal peoples sensitive data, researchers have claimed. 

Cybersecurity experts from GreyNoise recently reported observing hackers in 
the wild, abusing a critical vulnerability in D-Link DIR-859 Wi-Fi routers. 

The flaw is described as a path traversal vulnerability that leads to 
information disclosure, and is tracked as CVE-2024-0769. It has a severity 
score of 9.8/10, and was first discovered in January 2024. A fair warning 

The researchers said that the threat actors are targeting the 
DEVICE.ACCOUNT.xml file, in order to grab all account names, passwords, user 
groups, and user descriptions, found on the device. 

The worst part is that the device reached end-of-life in early 2020, meaning 
D-Link will not be patching this flaw. Instead, users are advised to replace 
the hardware with a newer component that still receives vendor support. 
Still, D-Link released a security advisory warning its customers of a 
vulnerability discovered in the fatlady.php component of the device. In the 
advisory, the company explained that the flaw affects all versions of the 
firmware, and allows threat actors to escalate privileges and gain full 
control of the device through the admin panel. 

The researchers subtly criticized D-Link, suggesting that publishing a 
security advisory without a patch is meaningless. 

"It is unclear at this time what the intended use of this disclosed 
information is, it should be noted that these devices will never receive a 
patch," the researchers said. 

"Any information disclosed from the device will remain valuable to attackers 
for the lifetime of the device as long as it remains internet facing. 

However, information such as this one can serve as a warning to motivate 
users into migrating towards a newer device, or at least to shift the 
responsibility of a potential data breach towards the consumer. 

 Via BleepingComputer More from TechRadar Pro US government warns of D-Link 
router security flaws  patch now or potentially pay the price Here's a list 
of the best firewalls today These are the best endpoint protection tools 
right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/d-link-routers-are-being-hacked-to-stea
l-customer-passwords-but-it-says-there-is-no-patch


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.