Security researchers have disclosed a pair of vulnerabilities affecting at least 13 D-Link router models. CVE-2019-17621 is a remote command execution flaw in the code that handles UPnP requests. An unauthenticated attacker on the same local area network segment as a vulnerable device can exploit it to take full control of the router. The other vulnerability, tracked as CVE-2019-20213, is an information disclosure issue that an attacker could exploit to obtain a device’s VPN configuration file, potentially exposing sensitive information. Proof-of-concept exploits for both vulnerabilities are available on the Internet. D-Link has released firmware updates that address both vulnerabilities, except for vulnerable models that have reached end of life. D-Link router users are strongly encouraged to upgrade their routers to minimise the risk of attack.
References: CVE-2019-17621 :: Unauthenticated Remote Command Execution & CVE-2019-20213 :: Information Disclosure LAN-side Security Vulnerability