End of March, NetworkSecurityFish disclosed a vulnerability in various D-Link NAS devices [1]. The vulnerability allows access to the device using the user “messagebus” without credentials. The sample URL used by the PoC was:
Article Link: https://isc.sans.edu/diary/rss/30878