TheLostSwede
News Editor
- Joined
- Nov 11, 2004
- Messages
- 17,762 (2.42/day)
- Location
- Sweden
System Name | Overlord Mk MLI |
---|---|
Processor | AMD Ryzen 7 7800X3D |
Motherboard | Gigabyte X670E Aorus Master |
Cooling | Noctua NH-D15 SE with offsets |
Memory | 32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68 |
Video Card(s) | Gainward GeForce RTX 4080 Phantom GS |
Storage | 1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000 |
Display(s) | Acer XV272K LVbmiipruzx 4K@160Hz |
Case | Fractal Design Torrent Compact |
Audio Device(s) | Corsair Virtuoso SE |
Power Supply | be quiet! Pure Power 12 M 850 W |
Mouse | Logitech G502 Lightspeed |
Keyboard | Corsair K70 Max |
Software | Windows 10 Pro |
Benchmark Scores | https://valid.x86.fr/yfsd9w |
The US Cybersecurity and Infrastructure Security Agency, or CISA, is advising consumers and businesses to retire a whole range of D-Link routers, due to the devices being EOL. This is due to a severe vulnerability that affects the devices that goes under the CVE-ID of CVE-2021-45382. This is a remote command execution (RCE) vulnerability and it's not likely to get patched by D-Link and is considered serious enough that these devices should be taken offline post-haste. The vulnerability would allow an attacker to take over these devices using "diagnostic hooks" in the ncc2 service, which is tied to the DDNS function and would allow an attacker to gain full access by injecting malicious code.
Proof of concept code already exists on GitHub, which makes the likelihood of this attack vector being used even more likely. The known affected devices so far are the D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L and all hardware revisions are affected. Most of these routers were released around 2012 to 2014 and are either 802.11n or 802.11ac devices based on what appears to be Realtek or Ralink (now MediaTek) hardware. These aren't the only devices that CISA has given advice on recently, as the D-Link DIR-610 and DIR-645, as well as the Netgear DGN2200 are also devices that CISA recommends retirement for.
View at TechPowerUp Main Site | Source
Proof of concept code already exists on GitHub, which makes the likelihood of this attack vector being used even more likely. The known affected devices so far are the D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L and all hardware revisions are affected. Most of these routers were released around 2012 to 2014 and are either 802.11n or 802.11ac devices based on what appears to be Realtek or Ralink (now MediaTek) hardware. These aren't the only devices that CISA has given advice on recently, as the D-Link DIR-610 and DIR-645, as well as the Netgear DGN2200 are also devices that CISA recommends retirement for.
View at TechPowerUp Main Site | Source