On April 21, 2020, a security researcher disclosed that potential attacks could be performed using the UPnP protocol when devices are available over the internet.

D-Link is investigating this reported security issue. D-Link is also in contact with the Open Connectivity Foundation, UPnP’s current maintainer, and updates will be provided as soon as we have more information.

On June 11, 2020, the vulnerability was publicly disclosed as CVE-2020-12695 LINK and a website is available by the security researcher: LINK

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates regularly.