Vulnerability on a series of D-Link routers allows remote code execution but will not be fixed !!!!

Hamza Oplex October 10, 2019

d-link,dlink,tplink,tp-link,dlink router login,d-link (business operation),d link,d-link wireless router,wifi,buy d-link,d-link av500,d-link cloud,internet,buy tp-link,d-link dir-878,d-link camera,d-link شرح,d-link router,d-link dir-809,login dlink,how to configure d-link wireless router,d-link dir-600m,d-link 750mbps,d-link dcs-933l,wireless,router dlink,dlink dir 615,dlink router,d-link dsl 2740u,domotica d-link

Vulnerability on a series of D-Link routers allows remote code execution but will not be fixed

Fortinet's FortiGuard Labs discovered and reported an unauthenticated command injection vulnerability (FGVD-19-117 / CVE-2019-16920) in D-Link products that could lead to remote code execution without authentication. The cybersecurity specialists therefore considers this problem as critical.

"The main cause of the vulnerability is the lack of verification of the integrity of arbitrary commands executed by the execution of native system commands, which is a typical security pit for many firmware manufacturers" Fortinet explains. blog.

The vulnerability has been detected in the latest firmware of the following D-Link routers: DIR-655, DIR-866L, DIR-652, and DHP-1565. These equipments arrived at the end of their life. D-Link, which was notified of the problem on September 22nd (and confirmed the vulnerability the next day) will not make any bug fixes. That's why Fortinet believes that it is essential for users of these devices to immediately turn to a new product.

Vulnerability on a series of D-Link routers allows remote code execution but will not be fixed !!!!