Researcher publicly discloses 10 zero-day flaws in D-Link 850L routers

CSO Online

Security / CSO Online 136 Views 0

Peeved about earlier vulnerability disclosures experiences with D-Hyperlink, a safety researcher has publicly disclosed 10 zero-day vulnerabilities in D-Link DIR 850L wi-fi AC1200 dual-band gigabit cloud routers.

Safety researcher Pierre Kim opted to publicly disclose the vulnerabilities this time, citing a “very badly coordinated” disclosure with D-Hyperlink in February; that point round he had reported 9 vulnerabilities, however he stated it took D-Hyperlink 5 months to launch new firmware which ended up patching just one the issues he discovered.

General, Kim thinks D-Hyperlink 850L routers are “badly designed” as “principally, all the things was pwned, from the LAN to the WAN. Even the customized MyDLink cloud protocol was abused.”

The 10 publicly disclosed zero-days