- Pro
- Security
An end-of-life D-Link router is vulnerable to four flaws
Comments (0) ()When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Shutterstock)
- D-Link warns all DIR-878 routers (discontinued in 2021) carry four RCE flaws
- Researcher Yangyifan released PoC exploit code; CISA has not yet added them to KEV catalog
- End-of-life routers are prime botnet targets (Mirai, Aisuru) for DDoS and proxy abuse
D-Link has warned customers about four vulnerabilities it recently discovered in a router model that is no longer supported.
In a security advisory, D-Link said that all versions of the DIR-878 device, meaning derivative models, all revisions, and all firmware versions, are vulnerable to multiple remote code execution bugs.
- Amazon Black Friday deals are live: here are our picks!
The vulnerabilities are tracked as CVE-2025-60672, CVE-2025-60673, CVE-2025-60674, and CVE-2025-60676, and were given severity scores between 6.5 and 6.8/10 (medium). The first two issues are remote unauthenticated command execution bugs, the third one is a stack overflow in USB storage handling bug, and the last one is an arbitrary command execution vulnerability.
You may like-
DrayTek warns Vigor routers may have serious security flaws - here's what we know
-
Hidden debug code returns from the dead as TP-Link routers face a wave of new critical root access flaws
-
Worrying TP-Link router flaws could let botnets attack your Microsoft 365 accounts - so update now
Proof of concept threats
The affected router was first released in 2017 and was discontinued back in 2021, but apparently can still be purchased, new or used, for prices between $75 and $125. It was used mostly in homes and small offices.
But a security researcher named Yangyifan published both technical details, and proof-of-concept (PoC) exploit code. However, despite the PoC already being released, the US Cybersecurity and Infrastructure Security Agency (CISA) has not yet added it to its Known Exploited Vulnerabilities (KEV) catalog.
Still, with the PoC out there, it is safe to assume it’s only a matter of time before real-life attacks start.
Many of the world’s biggest botnets, such as Mirai, or Aisuru, target end-of-life routers, DVRs, home surveillance systems, and smart home appliances, and assimilate them into the network.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.Access is then rented out to other cybercriminals for various activities, such as residential proxy services (hiding cybercriminal activity behind other people’s routers), Distributed Denial of Service (DDoS) attacks (taking down websites and online services), and similar.
The best way to defend against these flaws is to replace the outdated hardware with a newer model. If that’s not an option, D-Link advises at least installing the latest firmware, and keeping a strong password (that is frequently updated, too).
Via BleepingComputer
The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Sead FadilpašićSocial Links NavigationSead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
DrayTek warns Vigor routers may have serious security flaws - here's what we know
Hidden debug code returns from the dead as TP-Link routers face a wave of new critical root access flaws
Worrying TP-Link router flaws could let botnets attack your Microsoft 365 accounts - so update now
TP-Link reveals more hardware security issues, so patch now or be at risk
This dangerous new botnet is shooting off attacks across the world faster than can be tracked - here's what we know about RondoDox
Asus routers across the globe hit by suspected Chinese cyberattack - here's what we know
Latest in Security
Second-order prompt injection can turn AI into a malicious insider
AI agents are fuelling an identity and security crisis for organizations
US FCC repeals cybersecurity rules aimed at preventing Salt Typhoon-esque attacks
SonicWall tells customers to patch SonicOS flaw allowing hackers to crash firewalls
Salesforce says customer data may be exposed in Gainsight incident - "unusual activity" being probed
Gaming and gambling giant IGT reportedly hit by ransomware - here's what we know
Latest in News
X was down again – here's how its latest outage played out
Jimdo adds AI to its website builder, promises better business outcomes
D-Link routers under threat from dangerous flaw - here's how to stay safe
Fitbit's new AI tool wants to take the stress out of your next doctor's visit
How to watch The Ashes 2025-26 highlights on BBC iPlayer — it's *FREE*
'Full Screen Experience' is now coming to all Windows 11 handhelds
LATEST ARTICLES- 1D-Link routers under threat from dangerous flaw - here's how to stay safe
- 2Jimdo adds AI to its website builder, promises better business outcomes
- 3The best privacy laws in the world: These three VPNs are on sale for a limited time
- 4X was down again – here's how its latest outage played out
- 5SonicWall tells customers to patch SonicOS flaw allowing hackers to crash firewalls
