Support Announcements
(Non-US) DIR-846 :: HW Rev. Ax :: FW 1.00a35 :: CVE-2019-17509 & CVE-2019-17510:: HNAP RCE Security Vulnerabilities

 

Overview  

 

On October 15 , 2019, D-Link became  aware that a 3rd party researcher has recently disclosed CVE-2019-17509 and CVE-2019-17510 that accuses DIR-846 of security issues.

 

We are currently investigating the report and will provide updates posted in the Recent Announcements at https://support.dlink.com .

 

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. 

   

Disclosure   

 

   CVE-2019-17509

 

 

   CVE-2019-17510

 

 

 
Affected Products

 

Currently, D-Link is aware that the following D-Link brand devices may be affected:

 

Model HW Rev. Affected FW Fixed FW Current Firmware Last Update
DIR-846  All A Revisions 1.00a35 and Older Under Investigation  Varies Per Region 10/18/2019

 

 

Recommendations


To mitigate the risks, we strongly encourage our users to do the following:

 

     - Ensure you have checked your local customer care support site (In US: support.dlink.com) to get the latest firmware available for your device.