Hofbrau
@rr.com
| "So would someone from D-Link please list the affected gateway/routers!!!!!"
Notice the supposed D-Link tech didn't list the affected gateway models - only the ones (3..with no qualifications for different revisions for the same model such as the 604) with supposedly "patched" firmware updates.
Considering the lack of communication from D-Link preceding this posting, and from D-Link within this thread, you must assume that every current/recent gateway model is vulnerable.
"Looking at the description of the new DI-604 firmware, it's a fix for a DoS attack? I thought it was more serious than that...."
D-Link is minimizing the extent and nature of the remotely exploitable vulnerability that allows for complete system subjugation of every gateway model they produce/produced?
This would be the same flaw that they have yet to officially and publicly acknowledge of their own accord in any significant and specific and detailed manner, right? (That might be considered minimization as well..perhaps?)
They are clearly taking this seriously, what with the way they have considerately allowed their users to continue to use their extremely vulnerable insecure gateway products none-the-wiser, with no workarounds or mitigation steps being provided or offered.
You can see how seriously they are taking this what with the way they offered a patched firmware for Revision E 604s, but not for any of the earlier revisions. Hey, I know, only the E revision of the 604 is affected, you can read the details about it in their security advisory...oops...what advisory? Never mind.
Nothing like issuing a patch for some revisions of some gateway models for a security vulnerability that exists (apparently) in all revisions of all gateway models, without a security advisory to accompany it to explain the details.
Who says they dont care about or take seriously security?
Surprised?
I know I am.
Cogitate,
Hofbrau |
