Alert: Active Exploitation of Critical Vulnerabilities in D-Link Routers
Security researchers have identified two critical vulnerabilities actively exploited in D-Link routers.
The critical vulnerabilities are:
CVE-2022-28958: a vulnerability found in D-Link DIR-816L routers with firmware version 206b01
CVE-2022-26258: a vulnerability found in DIR-820L routers with firmware version 1.05B03
Security Risks
Malicious actors can exploit these critical vulnerabilities to remotely execute malicious code and take control of an unpatched D-Link router.
Recommended Actions
The National Cyber Security Authority (NCSA) recommends that users and network administrators:
Disconnect and replace DIR-816L routers and DIR-820L routers, as they have reached their End-of-Life/End-of-Support (EOL/EOS);
Upgrade to supported D-Link routers;
Enable the latest Wi-Fi encryption with a unique password that is updated regularly, and install the firmware update as it becomes available.
For further information and support, please contact the National Cyber Security Authority (NCSA) by email at rwcsirt@ncsa.gov.rw or call us on 9009.