D-Link Warns of New Security Vulnerabilities in Retired Home Router Line

D-Link has issued a new security notice detailing several vulnerabilities discovered in its long-retired DIR-878 home router line. Although the model reached End-of-Life and End-of-Service years ago, the company published the advisory to inform any remaining users that multiple security issues have now been confirmed across all revisions and all firmware versions of the device.

The bulletin, released earlier this week on November 17th, follows third-party reports outlining how different components of the router handle input, store configuration data, and execute system commands. Because the DIR-878 series has not been supported since early 2021, none of the newly reported flaws will receive fixes, and D-Link urges users still operating the device to transition to a modern replacement.

Several of the issues stem from the way configuration parameters are processed within the device’s web interface.

In two separate cases, values submitted through the Dynamic DNS and DMZ settings are written into NVRAM and later reused when constructing system commands. Without proper validation, those values can be manipulated through a crafted HTTP request, allowing an attacker to execute commands remotely without needing to log in.

Another vulnerability involves the router’s USB storage handling. When reading a USB device’s serial number, the firmware uses a buffer too small to safely store the data, creating the potential for a stack overflow. While this flaw requires physical access or a malicious USB device, it can still lead to code execution under the right conditions. A fourth issue affects the handling of quality-of-service rule files, where fields read from a temporary configuration file are appended directly into system commands. If an attacker can modify that file, they can cause the device to run their own commands.
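An added example, not code from D-Link's firmware or advisory: one way firmware could close the pattern described above for the Dynamic DNS, DMZ and QoS fields, by allowlisting a stored value and handing it to a program as a single argv entry instead of splicing it into a shell command string. The function names, the helper path `/usr/sbin/ddns-helper` and its `--host` flag are hypothetical, and the sample inputs are constructed.

```c
/* Added example, not vendor code. Function names and helper path are hypothetical. */
#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hostname allowlist: labels of [A-Za-z0-9-], 1..63 chars, no edge '-', total <= 253. */
int valid_hostname(const char *s)
{
    size_t len = s ? strlen(s) : 0, label = 0;
    if (len == 0 || len > 253) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c == '.') {
            if (label == 0 || s[i - 1] == '-') return 0; /* empty label or trailing '-' */
            label = 0;
        } else if (c < 0x80 && (isalnum(c) || c == '-')) {
            if (c == '-' && label == 0) return 0;        /* label starts with '-' */
            if (++label > 63) return 0;
        } else {
            return 0; /* spaces, quotes, ';', '|', '$', '`', newlines, ... */
        }
    }
    return label > 0 && s[len - 1] != '-';
}

/* Strict dotted-quad check for a DMZ host: inet_pton() rejects trailing characters. */
int valid_ipv4(const char *s)
{
    struct in_addr addr;
    return s != NULL && inet_pton(AF_INET, s, &addr) == 1;
}

/* Build an argv for execv(): the value stays one argument and no shell parses it. */
int build_ddns_argv(const char *host, const char *argv[4])
{
    if (!valid_hostname(host)) return -1;  /* validate when the stored value is read back */
    argv[0] = "/usr/sbin/ddns-helper";     /* hypothetical binary */
    argv[1] = "--host";                    /* hypothetical flag */
    argv[2] = host; argv[3] = NULL;
    return 0;
}

int main(void)
{
    const char *argv[4], *s[] = { "router.example.com", "x.example.com;reboot" }; /* constructed */
    for (int i = 0; i < 2; i++)
        printf("%s -> %s\n", s[i], build_ddns_argv(s[i], argv) ? "rejected" : "accepted");
    return 0;
}
```

Validation belongs both where the value is accepted from the HTTP request and where it is read back from storage, since the stored copy is what reaches the command.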

D-Link’s notice reminds users that unsupported hardware cannot receive new development, patches, or extended support. It recommends moving to a current-generation router, backing up any needed configuration data, and ensuring that any still-operational units are updated to their final available firmware. Strong, unique administrative and Wi-Fi passwords, along with proper encryption, are advised for anyone who must keep the device online temporarily, though the company stresses that using EoL products carries ongoing risk.

Older devices that no longer receive updates can quickly become exposed when new vulnerabilities are discovered, leaving them open to attacks that can’t be fixed. Anyone still using discontinued hardware should consider upgrading to a supported router and, in the meantime, keep strong, unique passwords and secure Wi-Fi settings in place.

