D-Link tells users to trash old VPN routers over bug too dangerous to identify.

Hopefully folks realize they should replace it with another vendor.

This vuln was covered at DEF CON 32 by Sam Curry. TR-069 is an admin access protocol that lets D-Link work with your router remotely (reset device, etc.). Bad actors use spoofed requests to change config data, read the MAC address, monitor traffic, and use them as botnets. TR-069 is an industry standard.

theregister.com/2024/11/20/dli

@dragosr
Even the oldest one of the listed routers is more capable than the one I'm currently using. Just sending them to trash like that? Insane!
Don't they know that bad PR doesn't work so well for networking equipment manufacturers? 😏

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
