IoT Security

Ongoing Attacks Target Legacy D-Link DSL Routers via Critical RCE Vulnerability

Cybersecurity researchers have reported ongoing attacks exploiting a critical vulnerability in legacy D-Link DSL gateway routers. The flaw, tracked as CVE-2026-0625, has a CVSS score of 9.3 and enables unauthenticated remote attackers to execute arbitrary code on affected devices. Command Injection in DNS Configuration Endpoint The vulnerability stems from improper sanitization of user-supplied DNS parameters in the dnscfg.cgi endpoint. Exploitation allows […]

Ongoing Attacks Target Legacy D-Link DSL Routers via Critical RCE Vulnerability Read More »

Unpatched Firmware Vulnerability Leaves TOTOLINK EX200 Open to Full Remote Device Takeover

The CERT Coordination Center (CERT/CC) has issued a security advisory detailing a serious unpatched vulnerability affecting the TOTOLINK EX200 wireless range extender, which could allow a remote attacker to gain complete control over the device. The vulnerability, tracked as CVE-2025-65606, originates from improper error handling within the device’s firmware upload mechanism. Although no CVSS score has been

Unpatched Firmware Vulnerability Leaves TOTOLINK EX200 Open to Full Remote Device Takeover Read More »