Researchers at Fortinet have uncovered serious flaws in four D-Link routers. The router vulnerabilities were found to allow for remote code execution which means a remote attacker could gain control of your router, snoop on your traffic and redirect your browser to malicious websites.
According to the researchers, four different models: DIR-652, DIR-655, DIR-866L and DHP-1565 could permit remote code execution. These types of router vulnerabilities get found in routers every once in a while and the manufacturers typically fix it by releasing an updated version to the firmware. This time, however, D-Link confirmed that it wouldn’t be releasing new firmware for these four models because they’ve reached their end-of-life.
If that sounds a bit slopey shouldered, then you are correct. One of the models, the DIR-866L, was introduced in 2014 and discontinued only in 2018. Another model, the DIR-655, was introduced in 2006, but also discontinued only last year. Three of them — the DIR-655, DIR-866L and DHP-1565 — can still be bought new from third-party sellers on Amazon’s U.S. website, and the first is even an Amazon’s Choice model.
D-Link is no stranger to vulnerabilities; in September, researchers discovered vulnerabilities in D-Link routers that can leak passwords for the devices, and which have the potential to affect every user on networks that use them for access. And in May, a researcher found attackers using the Google Cloud Platform to carry out three separate waves of DNS hijacking attacks against vulnerable D-Link and other consumer routers.
Our advice is that if you own one of these routers then get yourself a new router ASAP. Otherwise you are at risk of getting hacked.
Contact us to learn more about how you can find out if you are affected by this.