CISA Warns of Hackers Exploiting Chrome and End-of-Life D-Link Vulnerabilities. Here is a quick look

NoName Ransomware

CISA Warns of Hackers Exploiting Chrome and End-of-Life D-Link Vulnerabilities. Here is a quick look

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has recently issued a critical warning regarding security vulnerabilities that are being actively exploited by threat actors. These vulnerabilities impact both Google Chrome and certain D-Link routers that have reached their end-of-life (EOL). In this article, we delve into the details of these vulnerabilities, their implications, and recommended actions for affected users.

malware-warning-1 CISA Warns of Hackers Exploiting Chrome and End-of-Life D-Link Vulnerabilities. Here is a quick look

Google Chrome Vulnerability (CVE-2024-4761)

The vulnerability in Google Chrome, tracked as CVE-2024-4761, has been confirmed by the vendor as actively exploited since May 13th. Unfortunately, technical details about this flaw are not publicly available at the moment. However, we know that it is an “out of bounds write” vulnerability within Chrome’s V8 JavaScript engine. This engine executes JavaScript code in the browser, making the severity of this issue high.

D-Link Router Vulnerabilities

1. D-Link DIR-600 (CVE-2014-100005)

Despite being a decade old, the vulnerability identified as CVE-2014-100005 continues to be exploited. This flaw affects D-Link DIR-600 routers. The issue lies in a cross-site request forgery (CSRF) vulnerability. Attackers can hijack administrator authentication requests to the router’s web admin panel, create their own admin accounts, alter configurations, and take control of the device. Remarkably, D-Link had released a fix for this vulnerability in firmware version 2.17b02, even though the routers had already reached their end-of-life status.

2. D-Link DIR-605 (CVE-2021-40655)

Another D-Link product, the DIR-605 router, has also fallen victim to a vulnerability. Tracked as CVE-2021-40655, this flaw affects routers that have been out of support since 2015. A proof-of-concept exploit for this issue was even released on GitHub in 2021. The exploit allows an attacker to obtain the admin’s username and password via a specially crafted request sent to the /getcfg.php page without authentication.

Mitigation and Recommendations by CISA

CISA advises federal agencies and companies to take immediate action to protect their systems:

  1. Google Chrome Users:
    • Update Chrome to the latest version.
    • Monitor official announcements from Google for further details on the vulnerability.
    • Apply security patches promptly.
  2. D-Link Router Users:
    • Replace affected D-Link DIR-600 and DIR-605 routers with newer models that are still supported.
    • Implement security measures to reduce the risk of exploitation.
    • Regularly check for firmware updates and apply them promptly.

Conclusion

As cyber threats continue to evolve, timely awareness and proactive measures are crucial. By addressing these vulnerabilities promptly, organizations can safeguard their networks and prevent potential security breaches. Remember, even older devices deserve attention to maintain a robust security posture.


You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it.

Share this content:

1 comment

comments user
temp mail

It was impossible for me to leave your website without expressing my gratitude for the excellent knowledge you give your visitors. Without a doubt, I’ll be checking back frequently to see what updates you’ve made.

Post Comment