Overview
 
On February 28, 2021, D-Link was made aware of a Command Injection Vulnerability in the device's UPNP feature. The report was submitted by banyuan_yan@qq.com, affecting the D-Link DIR-802 Revision Ax using firmware version 1.00b05. This product was worldwide and not in the United States.

All consumers using the DIR-802 hardware revision Ax are recommended to retire and replace the device.
 
The DIR-802 Rev. Ax reached its End-of-Service Life Date on 03/30/2018; it is no longer supported, and firmware development has ceased, further recommendations below.

Report

     Author: Cool-Y ::  cool _dot_ yim _at_ foxmail _dot_ com

      Public Disclosure: CVE-2021-29379 :: :https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection

Affected Models

Recommendation for End of Service Life Products

D-Link is aware of the alleged vulnerabilities involving the DIR-802. This product has reached End of Life(EoL)/End of Support(EoS), and there is no extended support or development for it. 

D-Link will be unable to resolve Device or Firmware issues since all development and customer support has ceased. 

From time to time, D-Link will decide that sure of its products have reached EOL. D-Link may choose to EoL a product for many reasons, including the shift in market demands, technology innovation, costs, or efficiencies based on new technologies, or the product matures over time and is replaced by functionally superior technology.

For US consumers, for EOL/EOS products, the recommendation D-Link brand products sold by D-Link in the US be retired, and any further use maybe a risk to devices connected to it and end-users connected to it. If the US consumers continue to use these products against D-Link's recommendation, please make sure the device has the most recent firmware from https://legacy.us.dlink.com/, installed, make sure you frequently update the device's unique password to access its web-configuration and always have WiFI encryption enabled with a unique password.