US government warns of D-Link router security flaws — patch now or potentially pay the price

CISA did not detail exactly who, or how, is exploiting these vulnerabilities in the wild, but did give federal agencies a deadline of June 6, 2024, to address the issue. 

Patches available

The best way to fix the flaws is by patching the compromised devices. The cross-site request forgery vulnerability has been around for almost a decade, as it was first reported back in 2015. It is also worth mentioning that the D-Link DIR-600 devices, vulnerable to this flaw, have reached their end-of-life status, and as such no longer receive updates or security patches. 

Any new vulnerabilities found in these endpoints will remain unaddressed, so the safest thing to do at this point would be to just replace them with newer models that are still receiving vendor updates and security patches. 

The CSRF flaw is no game, either. It is labeled “critical”, and essentially allows threat actors to remotely hijack the authentication of administrators for requests that either create an administrator account or enable remote management via a crafted configuration module. Furthermore, attackers can use the flaw to activate new configuration settings, or send a ping via a ping action to diagnostic.php.

CVE-2021-40655, on the other hand, while allowing attackers to obtain some login credentials, has been labeled as “problematic”.

Via The Hacker News

More from TechRadar Pro

• Thousands of D-Link NAS devices have serious backdoor security issues
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now