Serious D-Link security flaw – Check if you need to replace your router

Researchers at Fortinet Labs recently discovered that multiple D-Link routers are vulnerable to a security flaw that will not be patched.

The vulnerability enables attackers to perform remote code execution attacks on affected routers, which may allow them to execute commands with root privileges.

“We rated this as a critical issue since the vulnerability can be triggered remotely without authentication,” Fortinet said.

The affected D-Link routers are no longer supported by the company and subsequently will not receive any update to combat this vulnerability.

Consequently, the only solution to secure your network if your device is affected by this vulnerability is to replace your router with a newer model.

Affected routers

The full list of affected routers is shown below:

  • DIR-655
  • DIR-652
  • DHP-1565
  • DIR-855L
  • DAP-1533
  • DIR-862L
  • DIR-615
  • DIR-835
  • DIR-825

If you have purchased a router with one of the model numbers above, it is best to check whether your specific device is vulnerable to the flaw outlined above.

One concerned MyBroadband reader contacted us after realising they were using a D-Link router with the model number DIR-825.

This router was supplied to them by Afrihost, which sparked concern over whether a large number of South Africans were using vulnerable network hardware.

After we contacted Afrihost, however, the ISP stated that there was no cause for concern, although local users should still check their router models against this list – especially if they had purchased their own router.

South African users

“We do not supply this version of the DIR-825 (or any of the others in the list) to our clients,” Afrihost told MyBroadband.

“The D-Link router referenced in this mail is a much older model (now discontinued) that was supplied for the UK region,” the company added.

“While it shares the same model number (DIR-825) as the model we supply, it is an entirely different version from the model that we supply, and was never intended for the South African market.”

Afrihost said this practice was common amongst network equipment manufacturers.

“We have been assured by our suppliers that the routers we supply are not vulnerable to these security flaws,” the company added.

“The routers we supply are also updated to the latest firmware. This would be V1.0.0 for the current model we supply; some older models would show the same firmware build as v3.0.0 up to v3.0.6.”

Afrihost recommended that clients check for available firmware updates on their router and ensure that they have the latest firmware installed.

The ISP sent MyBroadband an image of the vulnerable router to help users differentiate between it and newer devices with the same model number.

We have posted images of two D-Link DIR-825 routers below. The first one is vulnerable to the security exploit and the second is secure against it.

D-Link DIR-825 (Vulnerable)

D-Link DIR-825 vulnerable

D-Link DIR-825 (Safe)

D-Link DIR-825 safe

Now read: Android bug let hackers spread malware by tapping your phone

Latest news

Partner Content

Show comments


Share this article
Serious D-Link security flaw – Check if you need to replace your router