Support Announcements
D-Link's response to Akamai's UPnP NAT Injection disclosure

On April 9, 2018, D-Link was notified by CERT/CC that cloud security solutions provider Akamai had disclosed (report available here) a large number of devices ,from many manufacturers, are potentially vulnerable to UPnP NAT injection.

 

The report cited the following D-Link devices may possibly be subject to this vulnerability:

 

  Akamai Listed D-Link US Products Potentially Affected

 

  Akamai Listed D-Link US Products Not Affected 

  • Verizon DSL-2750B H/W Revixion T1, T2:: Sticker on base of Unit Verizon Part # DLDSL2750B   Not Affected :: UPnP is disabled on this model
  • DSL-2750B H/W Revision T1 :: H/W Revision information on tottom sticker of device :: Not Affected :: UPnP is disabled on this Model

 

  Akamai Listed D-Link non-US Products Potentially Affected 

  • DIR-620
  • DSL-2652BU
  • DSL-2750B H/W Revision A1, B1, C1, D1, E1, F1
  • DSL-2750E
  • DVG-2102S
  • DVG-5004S
  • RG-DLINK-WBR2300
  • DVG-N5402SP


The reported UPnP vulnerability appears to be an industrywide issue. While our investigation is still ongoing, users may opt for disabling the UPnP services on the device.

 

Please check  this page frequently for further updates.