To Summarize: Network routers are one of those devices that people tend to keep for far longer than they should. Many consumers believe there is no danger in leaving their outdated devices plugged in as long as they can still access the internet. Customers of D-Link, however, are being reminded by the Cybersecurity & Infrastructure Agency (CISA) why this isn’t a good idea: The agency has added five more D-Link types to its list of susceptible devices.
Exploits become significantly more harmful when a router reaches its end-of-life (as the devices impacted by this vulnerability have). Manufacturers are responsible for providing fresh patches to solve these issues, however, they rarely do so for EOL equipment (with a few rare exceptions).
The vulnerability in question is a “Remote Code Execution” flaw found in D-DIR-810L, Link’s DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers. Attackers can use “diagnostic hooks” to make a Dynamic DNS call without proper authentication, allowing them to take control of affected routers, according to Malwarebytes Labs.
If this appears to be a hypothetical threat, it’s worth mentioning that, due to Github user doudoudedi, a proof-of-concept hack targeting this vulnerability already exists in the wild. As a result, we — and D-Link itself — urge that you replace any impacted routers as soon as possible. It’s always a pity to produce additional e-waste, but it’s the least of two evils in this case.
Of course, it would be wonderful if router manufacturers supported their devices for longer: the 810L, for example, reached its end of life in 2019, but it was first marketed in 2013, so it received less than ten years of security fixes.
In any case, if you’re looking for a new gadget, have a look at our selection of the best Wi-Fi routers. We cover affordable options starting at €70 and high-end enthusiast-grade options exceeding €300.
