
D-Link fixes serious security flaws that could have left your business wide open to attack


D-Link has released patches for two critical vulnerabilities in its network management suite that could allow threat actors to bypass authentication and remotely execute arbitrary code.

The company fixed two flaws found in D-View, its network management suite that various businesses use for general network management and administration.

The flaws were discovered late last year by security researchers taking part in Trend Micro’s Zero Day Initiative (ZDI). During the event, researchers found multiple vulnerabilities, with two standing out: CVE-2023-32165 and CVE-2023-32169. The former is a remote code execution flaw, which could be used to run malicious code with SYSTEM privileges. The latter is an authentication bypass vulnerability that allows for escalation of privilege, unauthorized access to information, and in some cases, installation of malware.

Beta patch

Both flaws carry a severity score of 9.8 (critical). The issue affects D-View 8 version 2.9.1.27 and older. D-Link released the patch roughly two weeks ago, and is now urging users to apply it as soon as possible.

"As soon as D-Link was made aware of the reported security issues, we had promptly started our investigation and began developing security patches," the company said in a security advisory. The vendor also warned users that the patch is actually “beta software or hot-fix release”, meaning additional changes might occur in the future. It also means that D-View might be unstable, or crash, after the patch is applied.

The vendor also told users to verify the hardware revision of their endpoints by inspecting the underside label or the web configuration panel, so that they don’t download the wrong firmware update.

The full list of the discovered vulnerabilities is as follows:

  • ZDI-CAN-19496: D-Link D-View TftpSendFileThread Directory Traversal Information Disclosure Vulnerability
  • ZDI-CAN-19497: D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability
  • ZDI-CAN-19527: D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability
  • ZDI-CAN-19529: D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability
  • ZDI-CAN-19534: D-Link D-View showUser Improper Authorization Privilege Escalation
  • ZDI-CAN-19659: D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability

Via: BleepingComputer


