• Home Support Forums Security Advisories Shop     English | French
Support Announcement
DCH-M225 :: Rev. Ax :: FW 1.05b01 and lower :: CVE-2020-6841 & CVE-2020-6842 :: Multiple Vulnerabilities

A recent report from a 3rd party accuses the DCH-M225 of multiple security vulnerabilities . The DCH-M225 has reached it's End-of-Support Date on 04/30/2018.

 

Thrid Party Report:

 

Jeremy Laidman

 

     - CVE-2020-6841 :: LINK :: <Description to be updated upon disclosure>

     - CVE-2020-6842 :: LINK :: <Description to be updated upon disclosure>

 

Recommendation for End of Service Life Products

 

While D-Link is aware of the alleged vulnerabilities involving the DCH-M225. The product has reached End of Life(EoL)/End of Support(EoS) and there is no longer support or development for them. Once a product is past EoL/EoS date, which states on it's product support page or has been transferred to https://legacy.us.dlink.com/,

 

D-Link will be unable to resolve Device or Firmware issues since all development and customer support has ceased.


From time to time, D-Link will decide that certain of its products have reached EoL. D-Link may choose to EoL a product for many reasons, including shift in market demands, technology innovation, costs or efficiencies based on new technologies, or the product simply matures over time and is replaced by functionally superior technology.

 

Once a product is identified as EoL, D-Link will provide the dates for which the support and service for that product will no longer be available.

 

For US consumers, D-Link recommends this product be retired, any further use maybe a risk to devices connected to it and end-users connected to it. If US consumers, continue to use the product against D-Link's recommendation, please make sure the device has the most recent firmware from https://legacy.us.dlink.com/, installed, make sure you frequently update the device's unique password to access it's web-configuration, and always have WiFI encryption enabled with a unique password.