D-Link: "Yes, there are 4 holes in our router, but we don't plan to fix them"

Why did the company once again abandon customers to their fate?

D-Link has warned its customers about four remote code execution (RCE) vulnerabilities in DIR-846W routers. The vulnerabilities affect all hardware and firmware versions, but no patches will be released as the product is no longer supported.

These vulnerabilities, three of which are critical, were discovered by security researcher yali-1002, who posted minimal details on his GitHub page. The information was released on August 27, 2024, with no PoC exploits yet.

The identified vulnerabilities are:
  • CVE-2024-41622 – RCE vulnerability via parameter tomography_ping_address in the /HNAP1/ interface (CVSS v3 score: 9.8).
  • CVE-2024-44340 – RCE vulnerability in smartqos_express_devices and smartqos_normal_devices parameters in the SetSmartQoSSettings function (CVSS v3 score: 8.8 due to the need for authentication).
  • CVE-2024-44341 – RCE vulnerability via the lan(0)_dhcps_staticlist parameter; exploitation is possible via a specially crafted POST request (CVSS v3 score: 9.8).
  • CVE-2024-44342 – RCE vulnerability via the wl(0)_ssid parameter (CVSS v3 score: 9.8).

D-Link acknowledged the existence of security issues, but indicated that these vulnerabilities fall under the End of Life (EOL) policy, which means that there are no further firmware updates.

Although support for the DIR-846W ended more than four years ago, many users continue to use these devices without encountering problems until hardware failures or functional limitations appear.

In an official statement, the company says it recommends retiring the product, since its continued use may put connected devices at risk. That risk is very real: DIR-846W routers are widely used in many countries and are still sold in some regions, including Latin America.

D-Link strongly recommends that you immediately replace the outdated product with more modern and supported models. If this is not possible, you should make sure that the device is running the latest firmware, use strong passwords for the admin web interface, and enable Wi-Fi encryption.

Vulnerabilities in D-Link routers are often exploited by botnets such as Mirai and Mobot to involve devices in DDoS attacks. With this in mind, it's important to secure routers before PoC exploits are released to the public.
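As an added example (not from the advisory, D-Link, or the researcher), the following Python routine screens request-log lines for traffic to the /HNAP1/ interface that carries the parameter names listed above and maps each hit to its CVE; the log format, the sample lines and the trusted LAN prefix are assumptions constructed for the demonstration.

```python
import re

# Indicators taken from the advisory above: the /HNAP1/ interface and the
# parameter names tied to each CVE. This is a heuristic, not a signature for a
# specific exploit: the router's own admin UI legitimately sends these
# parameters, so only hits from outside the trusted LAN are reported.
INDICATORS = {
    "CVE-2024-41622": ["tomography_ping_address"],
    "CVE-2024-44340": ["smartqos_express_devices", "smartqos_normal_devices"],
    "CVE-2024-44341": ["lan(0)_dhcps_staticlist"],
    "CVE-2024-44342": ["wl(0)_ssid"],
}

# Constructed log format (an assumption, not D-Link's own log format):
# "<source ip> <method> <path> [<raw request body>]", one request per line.
LOG_RE = re.compile(r"^(?P<src>\S+) (?P<method>[A-Z]+) (?P<path>\S+)(?: (?P<body>.*))?$")


def scan_line(line, trusted_prefixes=("192.168.0.",)):
    """Finding for a /HNAP1/ request carrying an advisory parameter, else None."""
    m = LOG_RE.match(line.rstrip("\n"))
    if not m or not m.group("path").startswith("/HNAP1/"):
        return None
    body = m.group("body") or ""
    cves = sorted(cve for cve, params in INDICATORS.items()
                  if any(p in body for p in params))
    if not cves:
        return None
    src = m.group("src")
    return {"src": src, "cves": cves, "trusted": src.startswith(trusted_prefixes)}


def scan_log(lines):
    """Findings from sources outside the trusted LAN only."""
    findings = []
    for line in lines:
        f = scan_line(line)
        if f and not f["trusted"]:
            findings.append(f)
    return findings


# Constructed sample traffic; addresses are documentation ranges, not real hosts.
SAMPLE_LOG = [
    "192.168.0.10 POST /HNAP1/ wl(0)_ssid=HomeNet",  # LAN admin, not reported
    "203.0.113.7 POST /HNAP1/ tomography_ping_address=10.0.0.1",  # WAN, reported
    "198.51.100.4 POST /HNAP1/ smartqos_express_devices=a smartqos_normal_devices=b",
    "203.0.113.7 GET /index.html",  # no body, ignored
    "203.0.113.9 POST /HNAP1/ lan(0)_dhcps_staticlist=00:11:22:33:44:55",
]
```

Run `scan_log(SAMPLE_LOG)` to get the three WAN-side findings; in practice feed it the router's or upstream proxy's request log and adjust the trusted prefix to your LAN.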
