Home Routers US government warns of D-Link router security flaws — patch now or potentially pay the price
Routers

US government warns of D-Link router security flaws — patch now or potentially pay the price

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities, found in some D-Link routers, to its database of Known Exploited Vulnerabilities (KEV), meaning it has evidence of in-the-wild abuse.

The two vulnerabilities are tracked as CVE-20214-100005, and CVE-2021-40655. The former is a cross-site request forgery (CSRF) flaw, found in D-Link DIR-600 routers, while the latter is an information disclosure flaw found in D-Link DIR-605 routers. The former allows threat actors to change router configurations, while the latter enables login credential theft.

Author

Silence Dogood

Leave a Reply