GreyNoise observes the first attempts to exploit a path traversal vulnerability in discontinued D-Link DIR-859 WiFi routers.
July 1, 2024 By Ionut Arghire
Attackers have started to exploit a critical-severity vulnerability impacting D-Link DIR-859 WiFi routers, which were discontinued four years ago.
The issue, tracked as CVE-2024-0769 (CVSS score of 9.8), is described as a path traversal flaw in the HTTP POST request handler component of the affected routers that can be exploited remotely without authentication to leak sensitive information.
Proof-of-concept (PoC) code targeting the bug was published in January 2024, shortly after the vulnerability was disclosed publicly and D-Link acknowledged it.
Last week, GreyNoise observed the first in-the-wild attempt to exploit the security defect, using a variation of the publicly available exploit.