D-Link routers are being hacked to steal customer passwords — but it says there is no patch
Threat actors are abusing a vulnerability in an outdated D-Link router to steal people’s sensitive data, researchers have claimed.
Cybersecurity experts from GreyNoise recently reported observing hackers in the wild, abusing a critical vulnerability in D-Link DIR-859 Wi-Fi routers.
The flaw is described as a path traversal vulnerability that leads to information disclosure, and is tracked as CVE-2024-0769. It has a severity score of 9.8/10, and was first discovered in January 2024.
A fair warning
The researchers said that the threat actors are targeting the ‘DEVICE.ACCOUNT.xml’ file, in order to grab all account names, passwords, user groups, and user descriptions, found on the device.
The worst part is that the device reached end-of-life in early 2020, meaning D-Link will not be patching this flaw. Instead, users are advised to replace the hardware with a newer component that still receives vendor support. Still, D-Link released a security advisory warning its customers of a vulnerability discovered in the ‘fatlady.php’ component of the device. In the advisory, the company explained that the flaw affects all versions of the firmware, and allows threat actors to escalate privileges and gain full control of the device through the admin panel.
The researchers subtly criticized D-Link, suggesting that publishing a security advisory without a patch is meaningless.
“It is unclear at this time what the intended use of this disclosed information is, it should be noted that these devices will never receive a patch,” the researchers said.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“Any information disclosed from the device will remain valuable to attackers for the lifetime of the device as long as it remains internet facing.”
However, information such as this one can serve as a warning to motivate users into migrating towards a newer device, or at least to shift the responsibility of a potential data breach towards the consumer.
Via BleepingComputer
More from TechRadar Pro
Threat actors are abusing a vulnerability in an outdated D-Link router to steal people’s sensitive data, researchers have claimed. Cybersecurity experts from GreyNoise recently reported observing hackers in the wild, abusing a critical vulnerability in D-Link DIR-859 Wi-Fi routers. The flaw is described as a path traversal vulnerability that leads…
Recent Posts
- The Dimplex FlexBlade Multi-Directional Bladeless Fan looks like it’s part of a plane, but despite its propeller-like design it may struggle to cool your aircraft hangar
- Dave Eggers told OpenAI staff that ChatGPT was ‘silencing an entire generation’
- France doubles down on restricting access to Polymarket
- Apple has banned home service content on upcoming Maps ads
- Google might not kneecap the Pixel 11a with an old processor
Archives
- July 2026
- June 2026
- May 2026
- April 2026
- March 2026
- February 2026
- January 2026
- December 2025
- November 2025
- October 2025
- September 2025
- August 2025
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023