Best to switch off immediately: Older D-Link NAS models at risk
A total of 20 NAS models from D-Link are currently under active attack. The affected models are no longer receiving security updates. The manufacturer is therefore proposing that they be taken out of service and replaced.
On 26 March, a third-party security research provider drew D-Link's attention to the fact that some of its older NAS models had two security vulnerabilities. Thanks to these, third parties can gain access to the network storage devices via the internet using an exploit.
The worst thing about this is that it is sufficient if port forwarding is defined for one of the affected NAS. In other words, if the NAS web interface can be accessed from the internet. A password is not required for access. After all, the exploit only affects older products that have already reached their end of life (EOL). What's worse is that they no longer receive updates as a result.
Affected devices have increased fivefold overnight
D-Link has now updated the list of affected systems overnight. A total of 20 devices have been affected since 12 April. The company advises anyone with a device affected to take it out of service and replace it.
Here is the list of all models that should no longer be used:
It is certain that the vulnerabilities are already being actively exploited. This is why the Cybersecurity and Infrastructure Security Agency (CISA) of the USA has also been warning of this since 11 April. <p
I find my muse in everything. When I don’t, I draw inspiration from daydreaming. After all, if you dream, you don’t sleep through life.
From the latest iPhone to the return of 80s fashion. The editorial team will help you make sense of it all.
Show all