Posted 4/9/2024, 8:30:00 PM
D-Link Urges Replacement of 92,000 Vulnerable, Unsupported NAS Devices Facing Exploitation
- D-Link issues replacement order for some expired NAS devices due to discovered security vulnerabilities being exploited
- Vulnerabilities include a critical backdoor from hardcoded credentials and a high severity command injection issue allowing remote code execution
- Over 92,000 vulnerable devices were found facing the internet, mostly in the UK but also thousands more worldwide
- Affected models include 5 NAS devices that reached End-of-Service between 2017-2020, which will not receive any firmware updates
- D-Link recommends deprecated models be retired and replaced as they no longer provide security patches or support