D-Link has updated customers on a security vulnerability affecting a selection of its devices, and the company advises replacing them as soon as possible.
The flaw impacts more than 60,000 network-attached storage devices that are popular with small businesses.
With a worrying number of businesses failing to deploy even basic cybersecurity measures, this is a call to action for any business using these devices to act quickly and move their data.
Which D-Link Devices Are Impacted?
In a support announcement, D-Link shares that models using specific firmware packages are at risk. These are:
- DNS-320 Version 1.00
- DNS-320LW Version 1.01.0914.2012
- DNS-325 Version 1.01, Version 1.02
- DNS-340L Version 1.08
The announcement also includes a list of the storage device models that are impacted, with the suggestion that they are retired and replaced.
Potential Exploitable Flaw in D-Link Devices
D-Link explains that “the vulnerability is localized to the account_mgr CGI script, particularly when handling the cgi_user_add command”, that is, when a new user needs to be added for access.
It adds that “the name parameter in this script does not adequately sanitize input, allowing command execution”, which is what the publicly available exploit takes advantage of.
Security researcher Netsecfish noted in their own tests that there was a backdoor that could “allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive information, modification of system configurations, or denial of service conditions.”
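A defender-side check for the flaw described above, as an added example that is not D-Link's or the researcher's code: it scans proxy or gateway access logs for account_mgr requests carrying cgi_user_add and flags any name value outside a strict allowlist. The log format, the URL layout in the sample lines and the allowlist pattern are assumptions, and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: combined-format access log from a proxy or gateway in front of the NAS.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Assumption: legitimate account names are short, alphanumeric plus . _ -
SAFE_NAME_RE = re.compile(r'[A-Za-z0-9._-]{1,32}')

def classify(line):
    """Return None for unrelated lines, else (source, verdict, decoded name)."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if "account_mgr" not in url.path:
        return None
    # parse_qs percent-decodes, so encoded metacharacters are seen in the clear.
    params = parse_qs(url.query, keep_blank_values=True)
    if "cgi_user_add" not in [v for vals in params.values() for v in vals]:
        return None
    # A missing or empty name on a user-add request is treated as anomalous too.
    names = params.get("name", [""])
    bad = [n for n in names if not SAFE_NAME_RE.fullmatch(n)]
    if bad:
        return (m.group("src"), "suspicious", bad[0])
    return (m.group("src"), "user_add", names[0])

def scan(lines):
    """Keep only the lines that touch the user-add handler."""
    return [r for r in map(classify, lines) if r is not None]

# Constructed sample lines (documentation address ranges, made-up requests).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=alice HTTP/1.1" 200 120',
    '198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] '
    '"GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27%3Becho%20test%3B%27 HTTP/1.1" 200 0',
    '192.0.2.10 - - [01/Jan/2024:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for src, verdict, name in scan(SAMPLE_LOG):
        print(f"{verdict:10} {src:15} name={name!r}")
```

Any user-add request reaching one of these devices from outside the management network is worth reviewing, whether or not the name value is flagged.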
No Support Offered by D-Link
D-Link confirmed in its announcement that it will not be offering a solution to this problem, so owners simply need to find an alternative to keep their data safe. It writes: “If a product has reached the End of Support or End of Life, it typically does not receive further extended support or development.”
The company further explains: “Typically, D-Link cannot resolve device or firmware issues for these products since all development and customer support have ceased.”
This is the second backdoor flaw that the researcher has found for these devices this year, so time is of the essence for customers.
D-Link device owners can check their model against the list provided by the manufacturer. The company strongly recommends that any vulnerable devices are retired and removed from networks. With vulnerabilities already identified, it is only a matter of time before they are exploited, if they haven’t been already.