Network routers are a type of device that users tend to hold on to for far longer than they should. So long as they can still get connected to the internet, many users see no harm in keeping their old devices plugged in. However, the Cybersecurity & Infrastructure Agency (CISA) is reminding D-Link customers why that’s not such a good idea: five more D-Link models have recently been added to the agency’s list of vulnerable devices.
When a router reaches its end-of-life (as the units affected by this vulnerability have) exploits become far more serious. Manufacturers bear the responsibility to address these problems with fresh patches, but they generally don’t push out updates for EOL devices (with a few rare exceptions).
The issue in question here is a “Remote Code Execution” vulnerability that exists in D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers. According to Malwarebytes Labs, attackers can take advantage of “diagnostic hooks” to make a Dynamic DNS call without proper authentication, allowing them to take control of affected routers.
Just in case this seems like only a hypothetical threat, it’s worth noting that a proof-of-concept hack targeting this vulnerability already exists in the wild, thanks to Github user doudoudedi. As such, we — and D-Link itself — would recommend replacing any affected routers you might own as quickly as possible. It’s always a shame to generate more e-waste, but in this case, it’s the lesser of two evils.
Of course, it’d also be nice if router manufacturers supported their devices for longer: the 810L, for example, reached its EOL in 2019, but was first released in 2013, meaning it received less than 10 years of security patches.
At any rate, if you are in the market for a new device, consider checking out our list of the best Wi-Fi routers. We cover budget offerings as low as $70 and high-end enthusiast-grade options that hit the $300 mark.