Announcements > Security Advisories

DIR-819 - Rev A - Remote Code Execution

(1/1)

GreenBay42:
For more information and firmware patch, please visit https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10231

On July 13, 2021, a 3rd party researchert at HITCON ZeroDay publically disclosed a 0-day security report on the non-US SKU DIR-819 with firmeare v1.06 which may allow a user to access to device's configuration and managment interface.

Once the device was fully booted , it gave access to connected clients over LAN to upload or dowload the cfg file over tftp. This access can elevate security issues by allowing a malicious users to change the devices configuration.

The report provided by DrmnSamoLiu at HITCON ZeroDay
ZDID：ZD-2021-00248

Navigation

[0] Message Index