Network Attached Storage (NAS) devices are storage servers connected to a network that allows multiple devices to access and share data. D-Link is a popular manufacturer of NAS devices.

What are D-Link NAS Devices?

This vulnerability is particularly dangerous because it allows attackers to remotely execute code on affected devices. This can give them complete control over the device, allowing them to steal data, install malware, or launch denial-of-service attacks.

What is a Remote Code Execution (RCE) Vulnerability?

The vulnerability is exploited by taking advantage of two security weaknesses. First, there is a backdoor account on the devices called "messagebus" that has no password. Second, there is a vulnerability in the system parameter that allows attackers to inject malicious code.

What is the Vulnerability in D-Link NAS Devices?

Mirai is a type of malware that infects devices and turns them into bots that can be used to launch large-scale denial-of-service attacks. These attacks can overwhelm websites and online services with traffic, making them inaccessible to legitimate users.

What is Mirai Malware?

The vulnerability affects multiple D-Link NAS devices, including some popular models. If you have one of these devices, it is important to take action immediately.

Which D-Link NAS Devices Are Affected?

Unfortunately, D-Link is not providing security patches for these end-of-life devices. They recommend that users retire or replace the affected devices. There is a legacy support page, but the firmware updates available there will not fix this security vulnerability.

What is D-Link Doing About This Vulnerability?

NAS devices should not be exposed directly to the internet because they are a frequent target for ransomware attacks. Ransomware encrypts data, making it inaccessible to users until a ransom is paid. 

Why NAS Devices Shouldn't Be Exposed Online

This vulnerability is not specific to these NAS devices. Other D-Link devices, including some end-of-life models, have also been targeted by Mirai-based botnets. It's important to keep all of your devices up to date with the latest security patches.

Are Other D-Link Devices at Risk?

1. Do not use end-of-life devices 2. Keep software up to date 3. Consider not exposing NAS devices directly to the internet

How to Protect Your Devices?