Monday, April 11th 2022

CISA Advises Owners of Certain D-Link Routers to Urgently Retire Them

The US Cybersecurity and Infrastructure Security Agency, or CISA, is advising consumers and businesses to retire a whole range of D-Link routers, due to the devices being EOL. This is due to a severe vulnerability that affects the devices that goes under the CVE-ID of CVE-2021-45382. This is a remote command execution (RCE) vulnerability and it's not likely to get patched by D-Link and is considered serious enough that these devices should be taken offline post-haste. The vulnerability would allow an attacker to take over these devices using "diagnostic hooks" in the ncc2 service, which is tied to the DDNS function and would allow an attacker to gain full access by injecting malicious code.

Proof of concept code already exists on GitHub, which makes the likelihood of this attack vector being used even more likely. The known affected devices so far are the D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L and all hardware revisions are affected. Most of these routers were released around 2012 to 2014 and are either 802.11n or 802.11ac devices based on what appears to be Realtek or Ralink (now MediaTek) hardware. These aren't the only devices that CISA has given advice on recently, as the D-Link DIR-610 and DIR-645, as well as the Netgear DGN2200 are also devices that CISA recommends retirement for.
Sources: CVE-2021-45382, via Malwarebytes
Add your own comment

26 Comments on CISA Advises Owners of Certain D-Link Routers to Urgently Retire Them

#1
mechtech
A ton of e waste because no firmware update. Sad.

my Asus n66u is 10 years old and still getting updates.
Posted on Reply
#2
TheLostSwede
News Editor
mechtechA ton of e waste because no firmware update. Sad.

my Asus n66u is 10 years old and still getting updates.
It might be possible to install an alternative firmware on them, but I didn't bother looking it up.
Posted on Reply
#3
defaultluser
And this is why I avoid DLINK like the plague.
Posted on Reply
#4
elghinnarisa
mechtechA ton of e waste because no firmware update. Sad.

my Asus n66u is 10 years old and still getting updates.
The n66u is EOL and havn't gotten a update since 2020. If you been getting them, then you are on third party firmware.
www.asus.com/event/network/EOL-product/
Posted on Reply
#5
Jism
TheLostSwedeIt might be possible to install an alternative firmware on them, but I didn't bother looking it up.
OpenWRT is such a thing. But the amount of routers accepted is limited.

I have a TP Link router Archer C7 but i only use it for inside applications, behind another router, which makes it technically impossible to hijack it. However i see my own serverlogs and often full exploit commands being sended by all sorts of random sources.

Theres so much outdated devices on the internet participating in a botnet these days... it will only get worse if people dont ever update these things (or replace it).
Posted on Reply
#6
mechtech
The n66u is EOL and havn't gotten a update since 2020. If you been getting them, then you are on third party firmware.
elghinnarisawww.asus.com/event/network/EOL-product/
Yep.
But even 2020 is 8 years of support. Last DLink router I had barely made 4 years.
Posted on Reply
#7
Makaveli
mechtechA ton of e waste because no firmware update. Sad.

my Asus n66u is 10 years old and still getting updates.
Asus is one of the best vendors when its comes to supporting their routers. I use to be a D-Link guy maybe 15 years ago but haven't gone back and probably never will.
Posted on Reply
#8
DeathtoGnomes
Its utterly amazing how DLink has to rely on CISA to dish out public warnings.


Wait, I take that back, no I guess I'm not really surprised. :rolleyes:
Posted on Reply
#9
mechtech
MakaveliAsus is one of the best vendors when its comes to supporting their routers. I use to be a D-Link guy maybe 15 years ago but haven't gone back and probably never will.
Same

and just for fun. Chose 820L revB randomly. Released 2013. Last FW 2015. So 2 years. If that’s not abysmal I don’t know what is.

replacing router every 2 years with a new one = hard NO

support.dlink.ca/ProductInfo.aspx?m=DIR-820L
Posted on Reply
#10
AsRock
TPU addict
mechtechThe n66u is EOL and havn't gotten a update since 2020. If you been getting them, then you are on third party firmware.

Yep.
But even 2020 is 8 years of support. Last DLink router I had barely made 4 years.
And sounds like D Link say fck it when the shit hits the fan
is advising consumers and businesses to retire a whole range of D-Link routers, due to the devices being EOL. This is due to a severe vulnerability that affects the devices that goes under the CVE-ID of CVE-2021-45382.
And which is it ? EOL or lack of getting it fixed ?. either way don't seem good.
Posted on Reply
#11
R-T-B
AsRockAnd which is it ? EOL or lack of getting it fixed ?. either way don't seem good.
Both?
Posted on Reply
#12
TheLostSwede
News Editor
AsRockAnd which is it ? EOL or lack of getting it fixed ?. either way don't seem good.
Well, both. EOL normally means no more support.
Posted on Reply
#13
zlobby
Must. Resist. Posting! :ohwell:
Posted on Reply
#14
Shrek
dd-wrt probably supports most
Posted on Reply
#15
windwhirl
DeathtoGnomesIts utterly amazing how DLink has to rely on CISA to dish out public warnings.
You say that as if anyone outside of tech-savvy people will heed them.

PS: I can be even more pessimistic and say that even among those that are tech-savvy, a good amount of people will not care one bit.
Posted on Reply
#16
Makaveli
windwhirlYou say that as if anyone outside of tech-savvy people will heed them.

PS: I can be even more pessimistic and say that even among those that are tech-savvy, a good amount of people will not care one bit.
Facts.

Most people don't know squat about computers or the equipment they own or even care to learn. think of your parents etc.

They just want to pickup a phone and call a support line.

We are a different breed.
Posted on Reply
#17
dozenfury
If your vendor hasn't put out a fw update for your router in 2 years it's probably vulnerable even if it's not on this list. It's a bad enough problem that when I buy a router (or a mb ftm) I do a spot-check beforehand of their other hardware from the last few years to see how they've been supporting it with updates. Some companies are just bad at fw updates from the start, others are good at frequent updates for ~2 years and then never touch anything older than that again, and the good ones will update long-term until a more realistic hardware EOL.
Posted on Reply
#18
zlobby
MakaveliMost people don't know squat about computers or the equipment they own or even care to learn. think of your parenys
Yet they were able to buy a 1500 sq.ft. house while one of them is working part time at the local cafeteria, and the other collects butterflies.
Nowadays even a Ph.D in computer science may only get you a condo (YMMV).

In this context I may actually prefer to be a burger flipper and live a simple life in a huge house, insted of coding millions of lines per month just be able to afford the fancy double latte pumpkin chocolate macchiatos.
Posted on Reply
#19
AsRock
TPU addict
R-T-BBoth?
So basically they saying reminder were not updating these no more buy another one. How nice of them, so thoughtful.
Posted on Reply
#20
bonehead123
This is shit Conglomerated Consumerism Clusterfuck 101 at it's finest for ya.... just like cellphones...

Use it ~2 yrs till no moar updates, throw it away, buy a new one, rinse repeat yada yada yada,,

This is the exact reason I will NOT buy a Motorola phone.....although I really like most of their designs and prices....
Posted on Reply
#21
oobymach
If your technology wasn't retired every so often you wouldn't need to buy more. The "tech" we're allowed to buy is designed to be replaced.

BTW I love D-Link stuff, easy to work with and reliable, and I don't need an app to use it.

Also there are a shit ton of router viruses out there, once people have access to hardware they can fuck with it, welcome to the internet.
Posted on Reply
#22
eidairaman1
The Exiled Airman
What surprises me is how is dlink still even in business, they are like belkin imho
Posted on Reply
#23
watzupken
Yes, dump your perfectly working router and buy new ones to spur the economy and fill the pockets of the rich further. The truth is you can buy a new router, but I can guarantee that the new router will have some security flaw to begin with. You can argue that the security flaw can be patched, but I’ve never seen any device that is connected to the web and will get to a point where the patch will resolve ALL security flaws. There is nothing man made that is perfect.
Posted on Reply
#24
timta2
TheLostSwedeIt might be possible to install an alternative firmware on them, but I didn't bother looking it up.
I think the last two or three times I've used third-party firmware, the developers stopped bothering with updates, even when the original manufacturer was still providing updates.

I wish we had better consumer protection laws here in the US, in order to motivate these companies to do the actual right thing, instead of "the right thing" for their shareholders.
Posted on Reply
#25
TheLostSwede
News Editor
timta2I think the last two or three times I've used third-party firmware, the developers stopped bothering with updates, even when the original manufacturer was still providing updates.

I wish we had better consumer protection laws here in the US, in order to motivate these companies to do the actual right thing, instead of "the right thing" for their shareholders.
I've been using Voxel for years for my Netgear R7800. In all fairness, it's still sort of supported by Netgear too.
Merlin is another option, but as both of these work with what's available from Netgear or Asus respectively, they have limitations to what they can offer.

That said, what I meant was options like OpenWRT or DD-WRT, which tends to support a lot of different hardware. I have OpenWRT installed on two TP-Link devices and although it's a bit of a pain to configure, the latest version is a lot better than it used to be and both products are working better with OpenWRT than they ever did with the TP-Link firmware.

There should be legal requirements for routers to receive updates for at least five years, maybe 10 years for critical vulnerabilities like this.
Posted on Reply
Add your own comment
Dec 19th, 2024 05:11 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts