The Download
The year of router, firewall and VPN vulnerabilities continues forward. If you are running a D-Link DIR-859 router you need to get on top of CVE-2024-0769 immediately. This CVSS severity 9.8 vulnerability impacts all D-Link DIR-859 wifi routers. Worse the manufacturer says they are end-of-lifing this router, so tough luck patching it. The compounding issue is threat intelligence firm GreyNoise has observed active exploitations of this vulnerability, which means that adversaries are able to exploit this vulnerability on external attack surface. Exploitations of this vulnerability can retrieve account names, passwords, and other information for all users of the device.
What You Can Do
Like many of the other vulnerabilities in firewalls and VPNs we have previously covered, we believe these present a serious vulnerability to your organization because they are discernible from the external attack surface. Since the manufacturer is no longer supporting this device, we suggest replacing it with a new router that is fully patched. Always start with a scan of your external attack surface. ThreatMate provides this as a free service. Sign up today.
To Learn More:
コメント