CISA says several D-Link routers have security risks

CISA says several D-Link routers have security risks: Users are advised to retire and upgrade

CISA says several D-Link routers have security risks: Users are advised to retire and upgrade.


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently published a new report adding CVE-2021-45382 to its catalog of known exploitable vulnerabilities.

CVE-2021-45382 is a Remote Code Execution (RCE) vulnerability affecting all D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L and DIR-836L series and their hardware versions .

It is reported that the cause of the impact is the portion of the ncc2 service file on these devices that is associated with the DDNS function, which is called when queried and can be used to ask for information on a given device, as well as enable diagnostic services on demand. This allows attackers to inject malicious code to gain full access.

The US Cybersecurity and Infrastructure Security Agency stated that CVE-2021-45382 is a critical security vulnerability, as the affected products have reached the end of life (EOL), the last update was on December 19, 2021, and was not Likely to be patched by D-Link, consumers and businesses are advised to retire this range of D-Link routers best in due course.

At present, there are relevant codes on GitHub, which makes these routers more likely to be attacked.

The D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L and DIR-836L series were released between 2012 and 2014 and are based on 802.11n or 802.11ac from Realtek or Ralink (now MediaTek) solution.

In addition to the D-Link routers, the US Cybersecurity and Infrastructure Security Agency recently made similar recommendations for the Netgear DGN2200, D-Link DIR-610 and DIR-645 routers.