Hackers Unleash Mayhem on Unpatched D-Link NAS Devices: CVE-2024-10914 Exploited!

Hackers are targeting a critical flaw, CVE-2024-10914, in legacy D-Link NAS devices, just days after its disclosure. D-Link decided not to patch this vulnerability, which allows remote command injection. Over 61,000 devices could be affected by this flaw, causing a frenzy among cybercriminals ready to exploit it.

Hot Take:

Looks like D-Link’s legacy NAS devices have become the hottest property in town, only it’s the hackers who are rolling out the welcome mat! With a CVSS score of 9.8, this vulnerability is the equivalent of leaving your front door wide open, posting the address on social media, and then wondering why you’ve been robbed. Guess D-Link’s approach to security is, “If it’s broke, don’t fix it.” At least hackers are getting their cardio in, running circles around these devices!

Key Points:

  • Critical vulnerability CVE-2024-10914 impacts legacy D-Link NAS devices.
  • Vulnerability allows remote OS command injection via the cgi_user_add function.
  • Over 61,000 devices are vulnerable to exploitation.
  • Exploitation attempts observed starting November 12, 2024.
  • Most affected devices are located in the UK, Hungary, and France.

The Nimble Nerd