More Than 50 Vulnerabilities Discovered in D-Link NAS and NVR Devices

SEARCH-LAB, a security testing company based in Hungary discovered more than 50 vulnerabilities in network attached storage(NAS) and network video recorder(NVR) from D-Link.
A total of 53 vulnerabilities were identified in the latest firmware. Several of these vulnerabilities can be abused by attackers to execute code and get full control of a device.

The assessment was conducted on the following devices,
  • DNS-320, Revision A: 2.03, 13/05/2013
  • DNS-320L, 1.03b04, 11/11/2013
  • DNS-327L, 1.02, 02/07/2014
  • DNR-326, 1.40b03, 7/19/2013

The vulnerabilities discovered can also affect the following devices,
  • DNS-320B, 1,02b01, 23/04/2014
  • DNS-345, 1.03b06, 30/07/2014
  • DNS-325, 1.05b03, 30/12/2013
  • DNS-322L, 2.00b07

These issues were reported to D-Link, many of which were patched and there are still some which remain unfixed.
It is recommended that users apply patches where available and are recommended not to expose the web interface of the DNS and DNR devices to the internet.

Full specific details can be downloaded [Click Here!]

Source: [SEARCH-LAB]


Free counters!


MauriHackerS - Providing Latest IT Security and Hacking News !