Support Announcements
HNAP stack overflow :: DIR-8xx Routers Affected : All Models have Remote Admin Disabled as Default

General :: Updated 12/07 10:00AM PST

 

 D-Link continues to monitor the reported DHS vulnerability warning. Please note the issue is rare and may exist when the “remote administration” feature is turned on. All D-Link routers ship with “remote administration” off as the default setting which prevents the threat of this type of attack from the internet-side of the device.



As part of ongoing efforts to enhance security for our customers, future D-Link products will not include the HNAP protocol stack.
 


In the meantime, recommendations to help secure your wireless network include:

  • During router setup, change the default Wi-Fi security keys and administrator credentials.
  • This decreases risk, as the attack can only be launched from the Internet if the remote administration feature is turned on. Again, by default remote administration is turned off on all D-Link Routers.

 

NOTE:  To ensure your product has the latest security updates and operates at optimal performance, it is recommended you update your product to the latest firmware after installation and to periodically check for new firmware releases. Updates can be found by searching your model name at support.dlink.com  or though the mydlink mobile applications for mydlink registered devices. Customers are also notified of firmware updates via the mydlink.com portal.

 

Firmware updates and expected release dates to fix this issue are listed below.

 

Affected Products

 

 

Model

HW version

Patched FW Version

Note

DIR-885L

A1

v1.12

Available Here

DIR-895L

A1

v1.12

Available Here

DIR-890L

A1

v1.11b01_beta01_g97i

Available Here

DIR-880L

A1

v1.08WWb04

Available Here

DIR-868L

A1

v1.12WWb04

Available Here

DIR-868L

B1

After v2.05b01 beta FW

Available Here

DIR-869

A1

After v1.03 beta FW

Available Here

DIR-879

A1

After v1.04 beta FW

Available Here

DIR-859

A1

After v1.06 beta FW

Available Here

DIR-822

A1

Not Affected

Not Affected

DIR-822 B1 After v2.03 beta 01
Available Here
DIR-823 A1 After v1.00 beta 05
Available Here
DIR-818L B1 After v2.05 beta 08 Available Here