The ping tool in multiple D-Link and TRENDnet devices allow remote malicious users to execute arbitrary code via the ping_addr parameter to ping.ccp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dlink dir-626l_firmware 1.04 |
||
dlink dir-636l_firmware 1.04 |
||
dlink dir-808l_firmware 1.03 |
||
dlink dir-810l_firmware 1.01 |
||
dlink dir-810l_firmware 2.02 |
||
dlink dir-820l_firmware 1.02 |
||
dlink dir-820l_firmware 1.05 |
||
dlink dir-820l_firmware 2.01 |
||
dlink dir-826l_firmware 1.00 |
||
dlink dir-830l_firmware 1.00 |
||
dlink dir-836l_firmware 1.01 |
||
trendnet tew-731br_firmware 2.01 |
||
dlink dir-651_firmware 1.10na |
||
trendnet tew-651br_firmware - |
||
trendnet tew-652br_firmware - |
||
trendnet tew-711br_firmware 1.00 |
||
trendnet tew-810dr_firmware 1.00 |
||
trendnet tew-813dru_firmware 1.00 |
Sneaky DNS change doesn't need remote management.
A cybercrime vigilante known as Kafeine says criminals are hitting thousands of victims with a hacking tool that targets more than 40 router models. The well-known hacker says the novel attacks use cross-site request forgery and exploits against new and old bugs to change router DNS settings. This bypasses the need to target only routers with vulnerable remote services. Kafeine says the most popular routers can be targeted including Netgear, D-Link, and Asus to name a few. The hacker says the at...