Support Announcement
DIR-600 B1 / DIR-615 J1 / DIR-645 A1 / DIR-815 A1 / DIR-823 A1 / DIR-842 C1 / DIR-890L A1 :: CVE-2019-18852 :: Accused of hardcoded telnet credentials

 Overview 

 

A recent report accuses the DIR-600 HW B1 FW V2.01 for WW, DIR-890L HW A1 FW v1.03, DIR-615 HW J1 FW v100 (for DCN), DIR-645 HW A1 FW v1.03, DIR-815 HW A1 FW v1.01, DIR-823 HW A1 FW v1.01, and DIR-842 HW C1 FW v3.00 of carrying hard-coded telnet credentials. The report is filed under CVE-2019-18852.

 

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. 

   

Disclosure   

 

    CVE-2019-18852

          - Github: Linked-Here

          - NIST: https://nvd.nist.gov/vuln/detail/CVE-2019-18852

          - Mitre: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18852

   
Affected Products

 

There is a mix of End-Of-Service Life products and active products regarding this security issue.  Please see below for End-of-Service Life products.

 

For active products, you can close this issue by downloading the patch and upgrading the device through the device web-configuration GUI. Some recent products, like the DIR-842 and DIR-890L/R, have features that allow them to be upgraded directly from their Web-GUI or through D-Link's Wi-Fi mobile applications.

 

| Model | HW Rev. | Region | Affected FW | Fixed FW | Current FW | Recommendation Info | Last Update |
|---|---|---|---|---|---|---|---|
| DIR-600 | All HW Rev Bx | US | V2.01 and below | Not Available | End of Life | Please See Recommendation Below | 12/1/2010 |
| DIR-615 | All HW Rev Jx | Non-US | v100 and below | Not Available | End of Life | Please See Recommendation Below | 12/18/2019 |
| DIR-645 | All HW Rev Ax | US | v1.03 and below | Not Available | End of Life | Please See Recommendation Below | 12/31/2018 |
| DIR-815 | All HW Rev Ax | US | v1.01 and below | v1.04b04_Beta01 | End of Life | Please See Recommendation Below | 12/29/2017 |
| DIR-815 | All HW Rev Ax | Non-US | v1.01 and below | v1.04b04_Beta01 | - | Update via Device Web-GUI | 12/18/2019 |
| DIR-823 | All HW Rev Ax | Non-US | v1.01 and below | v1.03WWb01 | - | Update via Device Web-GUI | 12/18/2019 |
| DIR-842 | All HW Rev Cx | US | v3.00 and below | v3.13b09Beta_jbma | - | Update via Device Web-GUI | 12/18/2019 |
| DIR-890L/R | All HW Rev Ax | US | v1.03 and below | v1.09b05 | v1.21b02Beta | Update via Device Web-GUI | 07/24/2018 |

 

 

Security patch for your D-Link Devices


This firmware is an update for security vulnerabilities in affected D-Link devices. D-Link will update this continually, and we strongly recommend that all users install the relevant updates.

 

As there are different hardware revisions of our products, please check the revision on your device before downloading the corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product, next to the serial number. Alternatively, it can also be found in the device web configuration.

 

 

Recommendation for End of Service Life Products

 

While D-Link is aware of the alleged vulnerabilities involving the DIR-600 Rev. B1 / DIR-615 Rev. J1 / DIR-645 Rev. A1 / DIR-815 Rev. A1, these products have reached End of Life (EoL)/End of Support (EoS), and there is no longer support or development for them. Once a product is past its EoL/EoS date, which is stated on its product support page, or has been transferred to https://legacy.us.dlink.com/, D-Link will be unable to resolve device or firmware issues, since all development and customer support has ceased.


From time to time, D-Link will decide that certain of its products have reached EoL. D-Link may choose to EoL a product for many reasons, including shift in market demands, technology innovation, costs or efficiencies based on new technologies, or the product simply matures over time and is replaced by functionally superior technology.

 

Once a product is identified as EoL, D-Link will provide the dates for which the support and service for that product will no longer be available.

 

For US consumers, D-Link recommends this product be retired; any further use may be a risk to devices connected to it and end-users connected to it. If US consumers continue to use the product against D-Link's recommendation, please make sure the device has the most recent firmware from https://legacy.us.dlink.com/ installed, make sure you frequently update the device's unique password to access its web-configuration, and always have Wi-Fi encryption enabled with a unique password.

 

While this is an established part of a product’s overall life cycle, D-Link understands that EOL of a product may affect an end-user’s decision to continue to use the product. The chart in the link below outlines D-Link's EOL Policy to help customers better manage their end-of-life transition and to help D-Link better understand its role in helping our customers migrate to alternative D-Link products and technology.

 

D-Link’s End-of-Life Policy can be found here: https://support.dlink.com/EndOfLifePolicy.aspx