On April 9, 2018, D-Link was notified by CERT/CC that cloud security solutions provider Akamai had disclosed (report available here) a large number of devices from many manufacturers are potentially vulnerable to UPnP NAT injection.
The report cited the following D-Link devices may possibly be subject to this vulnerability:
United States (US) Products:
DIR-601 Revision A, B, C, E, I
DIR-615 Revisions A, B
DIR-825 Revision A, B, C
Verizon DSL-2750B :: Sticker on base of Unit Verizon Part # DLDSL2750B Not Affected :: UPnP is disabled on this model
Non-US Products:
DIR-620
DSL-2652BU
DSL-2750B revision E
DSL-2750E
DVG-2102S
DVG-5004S
RG-DLINK-WBR2300
DVG-N5402SP
The reported UPnP vulnerability appears to be an industry-wide issue. While our investigation is still ongoing, users may opt for disabling the UPnP services on the device.
'취약점 정보1' 카테고리의 다른 글
| Cisco Data Center Network Manager 취약점 보안 업데이트 권고 (0) | 2020.01.06 |
|---|---|
| HP 복합기 원격코드실행 취약점 보안 업데이트 권고 (0) | 2018.08.23 |
| iptime 업데이트 안내 (0) | 2018.01.11 |
| IoT_reaper Botnet information:: DIR-850L, DIR-600, and DIR-300 (0) | 2017.11.01 |
| DLINK 제품군 Response to KRACK :: WPA2 Key Reinstallation Attack Security Vulnerability (0) | 2017.11.01 |