U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A flaw in the D-LINK WI-FI camera affects more than 120 products

A vulnerability in the firmware running on many D-Link products allows attackers to take over cameras and other 120 products. A month ago, the Senrio research team discovered and exploited a remote code execution vulnerability in the latest firmware of the D-Link DCS-930L Network Cloud Camera. The vulnerability allows code injection which lets the attackers […]

A flaw in the D-LINK WI-FI camera affects more than 120 products

A vulnerability in the firmware running on many D-Link products allows attackers to take over cameras and other 120 products.

A month ago, the Senrio research team discovered and exploited a remote code execution vulnerability in the latest firmware of the D-Link DCS-930L Network Cloud Camera.

D-Link DCS-930L camera

The vulnerability allows code injection which lets the attackers set a custom password for the Web-based management interface and allows the remote access to the camera feed by sending specifically crafted commands.

Further investigation on the vulnerability revealed that the same issue exists in more than 120 other D-Link products, including cameras, access points, modems, routers, and storage devices.

The flaw resides in a firmware service called dcp that processes remote commands by listening on port 5978.

The dcp service is a component of the module that connects the device with the mydlink D-Link service that allows users to control their devices from outside their networks through a smartphone app.

How many D-Link devices are affected by the flaw?

Using the popular Shodan search engine, the researchers at Senrio firm have spotted over 400,000 D-Link products exposed on the web, most of them are webcams.

At the time I was writing we have no news regarding the exact number of vulnerable devices because D-Link still hasn’t published a list of affected models.

The experts estimated that there are roughly 55,000 D-Link DCS-930L cameras exposed on the Internet, and over 14,000 of them were running the flawed firmware version.

Such kind of flaws could be exploited by hackers to recruit IoT devices in botnet used for illegal activities. Recently, researchers from Arbor Networks reported that the Lizardsquad’s botnet ( known as LizardStresser) is now leveraging on the Internet of Things devices.

Another interesting case was spotted by experts from Sucuri have discovered a large botnet of compromised CCTV devices used by crooks to launch DDoS attacks in the wild.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –D-Link DCS-930L camera, IoT)