no one is safe ...

The Home Network Horror days starting right now …

Welcome to the following 2 crazy weeks with lots of vulnerabilities in more than 20 different home network devices. We have quite a high number of hopefully interesting vulnerabilities in devices from different vendors like Linksys, D'Link or Netgear for you.

Today we start with a short intro video which demonstrates unauthenticated execution of OS commands on two home routers of D-Link. The D-Link DIR-300 rev B and D-Link DIR-600 are still unpatched and an attacker is able to directly compromise these devices via the web interface. You will find the advisory here.

Btw. disable access to the management interface via the internet – Shodan is watching you: Shodan search for DIR-600 devices / Shodan search for DIR-300 devices

If you like the music please visit Jamendo.

Have phun and stay tuned … more stuff is coming soon