D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day
15-May-24
A zero-day exploit targeting D-Link DIR-X4860 routers allows unauthenticated attackers to gain root access and execute commands, posing a significant risk to both home and corporate networks. The flaw in the handling of HNAP login requests lacks proper authentication implementation, enabling privilege escalation and code execution. Despite multiple attempts to contact D-Link, no response has been received, leaving users vulnerable with no official mitigation measures available.
