Zero-day vulnerabilities are generally scary enough that when one is made public, vendors begin scrambling to issue a fix. By nature, zero-day flaws are vulnerabilities that the affected vendor has no knowledge about and thus no patches exist. Alarmingly, not one or two but 10 zero-day flawshave recently been uncovered affecting D-Link routers, which could potentially leave users at risk of cyberattacks. Pierre Kim, a security researcher, chose to publicly expose the vulnerabilities related to D-Link 850L routers, citing “difficulties” working with the vendor on a coordinated disclosure. According to the researcher, the zero-day flaws, if exploited by hackers, could potentially lead to attackers gaining root access to devices and getting backdoor access. They could also remotely hijack and control routers as well as leave users vulnerable to XSS and command injection attacks and more.
ORIGINAL SOURCE: IB Times