Fortinet's FortiGuard Labs laboratories reported that the vulnerability, which is at the root of the problem, was identified as CVE-2019-16920, was discovered in September at 2019.
According to Fortinet researcher Thanh Nguyen Nguyen, the vulnerability of unauthenticated command injection affects the firmware of D-Link in DIR-655, DIR-866L, DIR-652 and DHP-1565 products.
The vulnerability is described as RCE driven by intruders, sending arbitrary inputs to a "PingTest" gateway interface, which in turn leads to command injection and completely affects it. system. The error has been rated as CVSS v3.1 9,8 and CVSS v2.0 10,0.
According to Fortinet, attackers can perform remote connection, which is not sufficiently certified, to trigger the vulnerability.
Bad authentication checks allow code execute, whether or not the user has the right to do so, to send a POST HTTP request via PingTest so attackers can either grab the administrator credentials or install a backdoor.
On 22 September, the researchers security companies revealed their findings on vulnerability on D-Link servers.
Given the age of these servers, it's no surprise that D-Link chose not to issue a vulnerability fix. Both their devices and their firmware have an expiration date and support for them sometimes ends. Therefore users of these servers should consider replacing them to reduce the risk attack to them.