Posted 4/8/2024, 10:17:59 PM
Critical RCE Flaw in 92K EOL D-Link NAS Devices Now Exploited to Spread Mirai Malware
- Critical RCE vulnerability in 92,000 end-of-life D-Link NAS devices is now being exploited to deploy Mirai malware
- Vulnerability is due to a backdoor account and command injection issue that allows attackers to execute commands
- Attacks started Monday; D-Link says it will not patch devices as they are end-of-life, recommends retiring them
- Affected models include DNS-340L, DNS-320L, DNS-327L, DNS-325 and others no longer supported
- D-Link released advisory warning consumers to replace devices, but can't notify owners or auto-update end-of-life products