Researcher discloses 10 D-Link zero-day router flawsSeptember 11, 2017 – 6:33 AM
When a zero-day vulnerability becomes public, of which by its nature no patches or fixes are available at the time, one is enough for vendors to come to terms with in order to rapidly devise a solution.
D-Link now has 10 such previously-unknown bugs on its plate to fix.
Last week, security researcher Pierre Kim chose to publicly disclose his findings related to D-Link 850L routers due to “difficulties” working with the vendor on a coordinated disclosure.
In a blog post, Kim said the flaws were found in the D-Link 850L, a wireless AC1200 dual-band gigabit cloud router, which also enables users to use Mydlink Cloud Services to access their home networks remotely.
Kim describes the product as a “router overall badly designed with a lot of vulnerabilities,” and says that he was able to compromise everything, from the LAN to the WAN, as well as the custom MyDlink cloud protocol.