These D-Link Routers Are Vulnerable To Remote Hacks And Should Be Retired Immediately
by
Nathan Wasson
—
Tuesday, April 12, 2022, 04:54 PM EDT
Cybersecurity news can seem like a never-ending stream of new vulnerabilities and a single prevailing message: “make sure to patch your devices.” Nonetheless, this message bears repeating. While we may keep up with updates on devices that receive over-the-air (OTA) updates on a semi-regular basis, we can still forget about other devices that are just as vulnerable, if not more so, to malicious attacks, but must be manually updated. Routers and Internet of things (IoT) devices are the primary culprits here. A few years ago, some researchers chose 13 routers and IoT devices for assessment and found a total of 125 vulnerabilities on just these devices alone. If this sample is at all representative of routers and IoT devices at large, these devices post a serious security risk when patches are neglected.
Attackers can leverage router and IoT vulnerabilities to gain access to otherwise secure devices on the same network. Fairly recently, some researchers discovered 1.7 million devices connected to routers compromised by just one particular form of attack. Unfortunately, vulnerabilities cannot always be mitigated by patches. Some devices have hardware vulnerabilities that no software or firmware update can fix, but others simply stop receiving updates.
D-Link has released a support announcement regarding a vulnerability in a number of its routers that are no longer officially supported. These routers all reached End of Life (EOL)/End of Service (EOS) back in 2017 and 2018, but still received updates as recently as December 2021. Even so, D-Link is advising customers to retire or place these routers in response to a Remote Code Execution (RCE) vulnerability.
One of the affected routers. Credit: D-Link
A Proof of Concept (PoC) for an attack leveraging this vulnerability appeared on GitHub back in December, and the vulnerability has since been added to the National Vulnerability Database (NVD) with the Common Vulnerabilities and Exposures (CVE) identifier CVE-2021-45382 and a severity rating of 9.8/10. The vulnerability will not be patched, so the only advised course of action is to retire or replace the routers. The vulnerability affects the following router models:
Nathan grew up with computer hardware news and reviews in the family business and eventually joined the business himself in 2014. He initially joined to make video reviews and help with the podcast, but was soon asked if he would write, and he's been writing about computers ever since. More recently, Nathan has developed a passion for internet privacy, security, and decentralization and likes writing about those topics the most. He spends much of his free time tinkering with Linux distributions, custom Android ROMs, privacy and security tools, and self-hosting solutions. He also started gaming on a PC at a young age and still can't give up Unreal Tournament 2004 and Supreme Commander 2. Beyond computers, Nathan is a car enthusiast and philosophy nerd.
