September 4, 2024 at 06:54AM
D-Link warns of multiple critical and high-severity remote code execution (RCE) vulnerabilities affecting the discontinued DIR-846 router model. Four RCE flaws, including OS command injection issues, remain unpatched. The company advises retiring and replacing EOL/EOS devices, as it has ceased firmware development for discontinued products and is unable to resolve issues. Users are urged to replace the router with newer, supported models due to increased malicious attacks on D-Link devices.
Key takeaways on the D-Link DIR-846 router vulnerabilities:
– The discontinued DIR-846 router model is affected by four remote code execution (RCE) vulnerabilities, including two critical-severity bugs (CVE-2024-44341 and CVE-2024-44342) and two high-severity bugs (CVE-2024-41622 and CVE-2024-44340).
– These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable devices; successful exploitation requires authentication.
– D-Link recommends retiring and replacing devices that have reached End of Life (EOL) / End of Service Life (EOS), as it has ceased firmware development for discontinued products and is unable to resolve device or firmware issues.
– Users are advised to replace the DIR-846 router with newer, supported models, as threat actors and botnet operators have targeted D-Link devices in malicious attacks.
Related: The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings regarding exploited vulnerabilities in End of Life (EOL) D-Link products, indicating the potential for significant security risks. Additionally, exploitation of unpatched D-Link NAS device vulnerabilities has been on the rise, highlighting the critical need for prompt action to address these security concerns. Similar incidents include unauthenticated command injection flaws exposed in D-Link VPN routers and the CallStranger UPnP flaw, which impacts billions of devices and enables data exfiltration and DDoS attacks.