General :: Updated 12/07 10:00AM PST
D-Link continues to monitor the reported DHS vulnerability warning. Please note the issue is rare and may exist when the “remote administration” feature is turned on. All D-Link routers ship with “remote administration” off as the default setting which prevents the threat of this type of attack from the internet-side of the device.
As part of ongoing efforts to enhance security for our customers, future D-Link products will not include the HNAP protocol stack.
In the meantime, recommendations to help secure your wireless network include:
- During router setup, change the default Wi-Fi security keys and administrator credentials.
- This decreases risk, as the attack can only be launched from the Internet if the remote administration feature is turned on. Again, by default remote administration is turned off on all D-Link Routers.
NOTE: To ensure your product has the latest security updates and operates at optimal performance, it is recommended you update your product to the latest firmware after installation and to periodically check for new firmware releases. Updates can be found by searching your model name at support.dlink.com or though the mydlink mobile applications for mydlink registered devices. Customers are also notified of firmware updates via the mydlink.com portal.
Firmware updates and expected release dates to fix this issue are listed below.