DLink Security Announcement : are we concern ?

[Christophe DEMAY]

Sorry, i'm french and not very good in english

I read that DLink have a backdoor insecure.

French source : https://korben.info/faille-critique-nas-d-link-92000-appareils-vulnerables-backdoor.html

I want to known if this is dangerous for DNS325 with Alt-F

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

Thanks

[Andrew Chan]

A proof of concept of the exploit is here:

https://github.com/netsecfish/dlink

[Hell Fish]

No concern here..

I doubt you would find any exploit working for D-Link firmware and Alt-F.. for this one, just check yourself there is no nas_sharing.cgi on Alt-F

$ ls /usr/www/cgi-bin/

Exposing any D-Link "programmed" software to the internet is a bad idea, proven time over time again

[Christophe DEMAY]

Thanks gaben and Hell Fish, i don't see this files so no problem with alt-f