D-Link Fixes Multiple Password Router Vulnerabilities
D-Link has issued a firmware hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Those vulnerabilities allowed attackers to execute arbitrary code on exposed routers, letting hackers gain access to sensitive information or trigger a denial of service state. The firmware hotfix has been released on July 15, the list of the fixed vulnerabilities includes CVE-2021-21816 - Syslog information disclosure vulnerability, CVE-2021-21817 - Zebra IP Routing Manager information disclosure vulnerability, CVE-2021-21818 - Zebra IP Routing Manager hard-coded password vulnerability, CVE-2021-21819 - Libcli command injection vulnerability, and CVE-2021-21820 - Libcli Test Environment hard-coded password vulnerability. Read more...