On April 9, 2018, D-Link was notified by CERT/CC that cloud security solutions provider Akamai had disclosed (report available here) a large number of devices from many manufacturers are potentially vulnerable to UPnP NAT injection.
The report cited the following D-Link devices may possibly be subject to this vulnerability:
United States (US) Products:
DIR-601 Revision A, B, C, E, I
DIR-615 Revisions A, B
DIR-825 Revision A, B, C
Verizon DSL-2750B :: Sticker on base of Unit Verizon Part # DLDSL2750B Not Affected :: UPnP is disabled on this model
DSL-2750B revision E
The reported UPnP vulnerability appears to be an industry-wide issue. While our investigation is still ongoing, users may opt for disabling the UPnP services on the device.
'취약점 정보1' 카테고리의 다른 글
|D-Link's response to Akamai's UPnP NAT Injection disclosure (0)||2018.05.16|
|iptime 업데이트 안내 (0)||2018.01.11|
|IoT_reaper Botnet information:: DIR-850L, DIR-600, and DIR-300 (0)||2017.11.01|
|DLINK 제품군 Response to KRACK :: WPA2 Key Reinstallation Attack Security Vulnerability (0)||2017.11.01|
|MS오피스 프로그램의 DDE 기능을 악용하는 악성코드 감염 주의 (0)||2017.11.01|
|Oracle Security Alert Advisory - CVE-2017-10151 (0)||2017.11.01|