Security News

D-Link tells users to trash old VPN routers over bug too dangerous to identify
2024-11-20 14:32

Vendor offers 20% discount on new model, but not patches Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a serious...

D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
2024-11-19 17:58

D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices. [...]

Critical bug in EoL D-Link NAS devices now exploited in attacks
2024-11-13 18:36

​Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices. [...]

D-Link won’t fix critical bug in 60,000 exposed EoL modems
2024-11-12 20:31

Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user's...

D-Link won’t fix critical flaw affecting 60,000 older NAS devices
2024-11-08 19:21

More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit. [...]

D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
2024-09-16 14:24

D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials. [...]

D-Link says it is not fixing four RCE flaws in DIR-846W routers
2024-09-03 15:46

D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported. [...]

Hackers exploit critical D-Link DIR-859 router flaw to steal passwords
2024-06-29 15:18

Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. Although D-Link DIR-859 WiFi router model reached end-of-life and no longer receives any updates, the vendor still released a security advisory explaining that the flaw exists in the "Fatlady.php" file of the device, affects all firmware versions, and allows attackers to leak session data, achieve privilege escalation, and gain full control via the admin panel.

CISA warns of hackers exploiting Chrome, EoL D-Link bugs
2024-05-19 14:17

The U.S. Cybersecurity & Infrastructure Security Agency has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. Two days after disclosing CVE-2024-4761 Google announced that another vulnerability in Chrome's V8 engine has been exploited in the wild, but CISA has yet to add it to the KEV catalog.

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now
2024-05-17 06:43

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on...