Researchers find six bugs in consumer D-Link DIR-865L Wireless AC 1750 Dual Band Cloud Router.
D-Link is urging customers to replace its now obsolete line of DIR-865L Wireless Routers in reaction to a recently discovered critical command-injection bug that leaves users open to a denial-of-service attack.
The routers, first introduced in 2013, reached end-of-life support in Feb. 2016. In Aug. 2018, D-Link released a patch (1.20B01 beta) to address multiple security bugs. On Friday, Palo Alto Networks’ Unit 42 researchers publicly disclosed six additional bugs – one rated critical and five rated high severity.
“The vulnerabilities were found in the DIR-865L model of D-Link routers, which are meant for home network use,” researchers wrote. “The current trend towards working from home increases the likelihood of malicious attacks against home networks, which makes it even more imperative to keeping our networking devices updated.”