The D-Link routers DIR-652, DIR-655, DIR-866L and DHP-1565 have a critical remote code execution vulnerability in their most recent firmware, but the manufacturer no longer wants to fix the flaw.
I don't know whether this concerns blog readers at all, but I'll still post the information here in an abridged version.
RCE vulnerability in firmware
Fortinet security researchers recently uncovered a serious vulnerability in the D-Link routers DIR-652, DIR-655, DIR-866L and DHP-1565. The current firmware of these devices contains an "unauthenticated command injection vulnerability" that could allow remote code execution (RCE): an attacker does not need valid credentials to reach the flawed code path.
In brief: attackers anywhere in the world could hijack the affected routers and use them for their own purposes, such as crypto mining, botnets, or redirecting Internet traffic to malicious websites or for surveillance. Details of the vulnerability can be found at Fortinet.
DIR-652, DIR-655, DIR-866L and DHP-1565 are EOL
Normally such a vulnerability would not be a problem: the manufacturer provides a firmware update, which is installed and closes the vulnerability. Tom's Guide now reports in this article that the vendor D-Link does not want to provide new firmware to fix the vulnerability.
The reason is that these models have reached End of Life (EOL). According to the above article, D-Link informed the Fortinet security researchers of this when they reported the vulnerability to the manufacturer. On the one hand, it is understandable that old models are no longer supported after their end of life. On the other hand, the models mentioned are still on sale, so a buyer today gets a device with a known, unpatched RCE flaw. That is where the whole story becomes unpleasant, and it is reason enough to refrain from buying D-Link products.