Overview
On June 23, D-Link became aware of Unit 42 disclosure of New Mirai variants that affect Legacy (EOL/EOS) D-Link Products or accused D-Link products without verifying that the latest device software addresses the Mirai attack leveraged report CVE vulnerabilities.
The D-Link DIR-820L, DIR-859 WiFi Router, and DNS-320 Network Attached Storage all hardware revisions are legacy devices as listed below in the table. All hardware revisions have reached their End of Life ("EOL") /End of Service Life ("EOS") Life Cycle. D-Link US recommends that D-Link devices that have reached EOL/EOS to be retired and replaced. Please get in touch with your regional office for recommendations (LINK).
|
Wi-Fi 6 Router Upgrade Offer for US Owners of accused D-Link Products!
If you are an owner of a D-Link Model listed below and live in the US, D-Link will offer you a new Wi-Fi 6 Router at a significantly reduced price
To Claim your Upgrade:
1) Click the Router Upgrade Offer link below to see the Router Offer. (Limit 1 per customer/US Address)
2) Add to Cart -> Proceed to Check Out -> Press Check-Out Button.
3) The Discount will automatically be applied in the checkout at $32.50 for our latest Wi-Fi 6 AI Smart Router.
Link to Offer: https://shop.us.dlink.com/discount/DLINKR1510?redirect=%2Fproducts%2Fr15
|
The D-Link DWL-2600AP Access Point has an available patch for the accused CVE, as well as a newer Hot-Fix Beta to address other attack vectors reported or found in the device, as listed below in the table.
As a general policy, when products reach EOS/EOL, they can no longer be supported, and all firmware development for these products ceases. Please read the information and recommendations below.
3rd Party Report information
Details: Discovered 06/23/2023
3rd Party: https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/
Accused Model
|
Model
|
Region
|
Hardware Revision
|
End of Service Life
|
Fixed Firmware
|
Legacy Website
|
Last Updated
|
|
DIR-820L
|
All Regions
|
All H/W Revisions
|
11/2017
|
Not Available
|
Yes (Link)
|
06/23/2023
|
|
DIR-859
|
All Regions
|
All H/W Revisions
|
12/20/2020
|
Not Available
|
Yes (Link)
|
06/23/2023
|
|
DNS-320
|
All Regions
|
All H/W Revisions
|
12/1/2018
|
Not Available
|
Yes (Link)
|
06/23/2023
|
|
DWL-2600AP
|
North America
|
All Ax Revisions
|
Active Products
|
v4.2.0.17
|
Not Applicable
|
06/23/2023
|
Recommendation for End-of-Support/End-of-Life Products
From time to time, D-Link will decide that some of its products have reached End of Support ("EOS") / End of Life (“EOL”). D-Link may choose to EOS/EOL a product due to the evolution of technology, market demands, innovations, and efficiencies based on new technologies, or the product matures over time. It should be replaced by functionally superior technology.
For US Consumer
If a product has reached End of Support ("EOS") / End of Life ("EOL"), there is usually no further extended support or development for it.
Typically for these products, D-Link will be unable to resolve device or firmware issues since all development and customer support have ceased.
D-Link strongly recommends that this product be retired and cautions that further use may be risky to connected devices. If US consumers continue to use these devices against D-Link's recommendation, please ensure the device has the most recent firmware, frequently update the device's unique password to access its web configuration, and always have WIFI encryption enabled with a unique password.