Vulnerability Discovered in D-Link Routers, Users Urged to Upgrade

News Desk

Vladimir Razov, an expert from PT SWARM, has uncovered a critical vulnerability affecting several D-Link router models. D-Link, recognized as one of the top three Wi-Fi router manufacturers globally by Mordor Intelligence, has been informed of the issue under the responsible disclosure policy. The company recommends users replace older devices with newer, supported models.

The vulnerability, assigned BDU:2024-06211 and a CVSS 3.0 score of 8.4, impacts the following D-Link models: DIR-878, DIR-882, DIR-2640-US, DIR-1960-US, DIR-2660-US, DIR-3040-US, DIR-3060-US, DIR-867-US, DIR-882-US, DIR-882/RE, DIR-882-CA, and DIR-882-US/RE. Vulnerable routers can be identified through search engines in regions including the United States, Canada, Sweden, China, Indonesia, and Taiwan.

As these models are no longer supported by D-Link, the company advises users to retire outdated devices and replace them with supported ones that receive regular firmware updates.

“If exploited, this vulnerability could allow an attacker with authorized access to the router’s web interface to compromise the device and intercept all network traffic,” said Vladimir Razov, Web Application Security Analyst at PT SWARM, the offensive security division of Positive Technologies.

As a temporary solution, Razov suggests using OpenWrt, an open-source operating system for routers, or changing login credentials to enhance security.

Positive Technologies has previously addressed vulnerabilities in Zyxel routers and other devices. Additionally, the company has updated its PT Industrial Security Incident Manager (PT ISIM) to help cybersecurity teams detect exploitation attempts targeting MikroTik routers and Cisco switches.