• (Non-US) GO-RT-AC750 :: All H/W Revisions :: All F/W Versions :: End-of-Life (EoL) / End-of-Service (EoS) :: Multiple Vulnerabilities
  • R15 / M15 :: H/W Rev. Ax :: F/W v1.06.07 : Wi-Fi Access Point : Open DNS Resolver Vulnerability
  • (Non-US) DIR-845 & DAP-1522:: All H/W Revisions :: All F/W Versions :: End-of-Life (EOL) / End-Of-Service (EOS) :: Multiple Vulnerabilities
  • DNR-322L :: All H/W Revisions :: All Firmware :: End of Life (EoL) / End of Service Life (EoS) :: Authenticated Remote Code Execution (RCE) Vulnerability
  • Legacy (older) D-Link Routers :: All Revision :: All Firmware :: Mirai Variant MooBot Disclosure :: End of Life (EoL) / End of Service (EoS)
  • DIR-878 :: Rev. Ax :: FW v1.30B08 :: Authenticated Command Injection
  • (Non-US) DIR-2150 :: Rev Rx :: FW v4.0.1 :: Multiple Vulnerabiltiies
  • (Non-US Revisions) DIR-612 / 615 / 822 :: CVE-2022-27255 :: Realtek Device eCOS RTL819x Chipset Family Software has a Stack-Based Buffer Overflow Vulnerability
  • DIR-860L Rev. Ax, DIR-865L Rev. Ax, DIR-868L Rev. Ax., and DIR-880L Rev Ax. :: XSS vulnerabilities and Unauthenticated Command Injection Vulnerability
  • Mozi P2P Botnet :: Accused Product Firmware Patches :: Command Execution and UPnP Security Vulnerabilities
  • DIR-645: :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: CVE-2022-32092 :: (LAN-Side) RCE in Web-Configuration Engine
  • DIR-890L/R / DIR-885L/R / DIR-895L/R :: All Revisions :: All Firmware :: End-of-Life / End-of-Service :: Multiple Vulnerabilities
  • DIR-816L :: Alll Revisions :: All Firmware :: End of Support / End of Life Product :: CVE-2022-28955 - CVE-2022-28956 - CVE-2022-28958
  • DIR-1260 :: Rev. Ax :: F/W v1.20B05 :: LAN-Side Unauthenticated Command Injection
  • Regarding Industry-Wide Security Incident :: DNS poisoning flaw due to the use of legacy version of uClibc
  • DIR-615 :: Alll Revisions :: All Firmware :: End of Support / End of Life Product :: PCB UART Header Exploit
  • DIR-820L :: Alll Revisions :: All Firmware :: End of Support / End of Life Product :: CVE-2022-26258
  • DIR-867 Rev A1 FW v1.30B07 / DIR-878 Rev. A1 FW v1.30B08 / DIR-882-US Rev A1 FW:FW v1.30B08 : ZDI-CAN-13796 :: LAN-Side Lighttpd Unauthenticated Buffer Overflow & RCE Vulnerability
  • DIR-878 :: H/W Rev. Ax :: F/W v1.30B08_Hotfix_02 :: CVE-2021-44880 & CVE-2021-44882 :: Multiple Vulnerabilities
  • DIR-878 :: H/W Rev. Ax :: F/W v1.20b05 :: Authenticated LAN-side Remote Code Execution (RCE) Vulnerability
  • (non-US) DIR-816 :: Alll Revisions :: All Firmware :: End of Support / End of Life Product :: Multiple Security Vulnerabilities (inc. CVE-2021-31326)
  • (Non-US) DIR-825 :: H/W Rev. Gx :: F/W v.7.xx :: Authentication Bypsss and an Authorized Remote Command Execution (RCE)
  • DIR-878.:: H/W Rev. A1 :: F/W vFW1.30B08_Hotfix_02:: Command Injection Vulnerabilities
  • (Non-US) DIR-X1860 :: Rev A1 :: F/W v1.03 :: multiple vulnerabilities
  • D-Link Remains Unaffected by the Russia-Ukraine Crisis
  • MediaTek Wi-Fi WPS/IEEE-1905 Vulnerabilities:BadMesher & Authentication Flooding
  • DIR-882 & DIR-882-US :: H/W Rev. Ax :: F/W v1.30B06_Hotfix_02 :: CVE-2021-44880, CVE-2021-44881, & CVE-2021-45998 :: Multiple Vulnerabilities
  • (Non-US) DIR-823-Pro :: H/W Rev. Ax :: F/W v1.0.2 :: CVE-2021-46452 thru CVE-2021-46457 :: Multiple Vulnerabilities
  • (Non-US) DI-7200GV2.:: H/W Rev. E1 :: F/W v21.04.09E1 :: CVE-2021-46226 thru CVE-2021-46233 :: Multiple Vulnerability
  • (Non-US) DSL-2730U :: Rev. V1 :: F/W vIN_1.11 ::Multiple Vulnerabilities
  • Multiple Legacy Device (Older generation DIR & DAP Models) :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: CVE-2019-10891 CVE-2015-2051 Command Execution Vulnerability
  • D-Link Product Advisory :: CVE-2020-11134 :: Qualcomm WLAN Chipset Vulnerability Disclosure
  • (Non-US) DSL-2750U :: Rev V1 :: F/W vIN_1.09 :: Multiple Vulnerabilities
  • DAP-2553 :: Rev. Ax :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • D-Link Device Information for CVE-2021-45608 :: KCodes NetUSB RCE Vulnerability
  • DIR-645: :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Liquorbot Crypto-mining Botnet
  • DIR-850L:: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DCM-200 / DCM-201 / DCM-202 / DCM-301 Cable Modems :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Not Affected by Cable-Haunt Vulnerability
  • DIR-X5460 :: H/W Rev. Ax :: F/W v1.10b10 :: Multiple Vulnerability reported by IoT Inspector
  • DIR-506L / DIR-510L / DIR-640L / (Non-US) DWR-113 / (Non-US) DWR-116 / (Non-US) DWR-512:: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • (Non-US) DSP-W245 :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DAP-1522 / DAP-1525 / DHP-W310AV / DIR-412 :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DCS-1100 / DCS-1130 / DCS-6045 :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DIR-850L:: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DIR-X1560 : Rev Ax : FW v1.04B04 / (non-US) DIR-X6060 : Rev Ax : FW v1.11B04 :: Chipset Patches required to mitigate WPA3-SAE & WPA2 attacks
  • (non-US Models/Revisions) DIR-600M DIR-612 DIR-615 DSL-2750U Windows WPAD 'domain.name' attack
  • DIR-859:: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DAP-1650 :: All H/W Revisions :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • (non-US) DIR-842 :: H/W Rev. A1/A2/B1/B2 :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DIR-810L/820L/830L/826L/836L :: All Revisions: :: End of Support / End of Life Product :: Remote Command Execution (RCE)
  • Apache Log4j Vulnerability — Log4Shell Vulnerability Information for D-Link Devices and Services :: Not Affected
  • DIR-809 :: H/W Rev. Ax :: F/W v1.12WWB03 :: Multiple Vulnerabilities
  • Multiple Legacy Device (Older generation DIR/DAP/DHP/DCH Models) :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • D-Link WiFI Devcies :: Latest Response for WiFi "FragAttacks" (fragmentation and aggregation attacks) Vulnerability Disclosure...
  • DGS-1210-xx Rev. C1 / DGS-1500-xx Rev. Ax - OpenSSL CCS Injection Vulnerability
  • DIR-2640 & DIR-2650-US :: Rev. Ax :: F/W v1.01B04 : NL_ Server process stack overflow and write out of bounds
  • DCS-2132L :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • DCS-930L :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerability
  • D-Link Devices :: Affected by Realtek Chipset RTL8xxx Realtek SDK vulnerabilities
  • (non-US) DVA-6800z :: Rev. Ax :: F/W vWI_20210604 :: Hard-Coded Credentials
  • DIR-3040 & DIR-3040-US :: Rev. Ax :: F/W v1.13B03 Hotfix or older : CVE-2021-21913 / TALOS-2021-1361 : Information Disclosure
  • (non-US) DIR-853/ET :: Rev. A3 :: F/W vET853PNP-1.06-B72D24 & Below :: Web-Confirguration LAN-Side Credential Bypass
  • OpenSSL Security Vulnerability - aka. "Heartbleed Bug" - CVE-2014-0160 - Security Incident Response for D-Link Devices and Services
  • (non-US) DIR-816 :: Rev. Ax :: F/W v1.01CNB04 :: CNVD-C-2021-222463 :: Command injection
  • DIR-867 revAx FW v1.30B07 :: DIR-878 RevAx FW v1.30B08-Hotfix :: DIR-882 RevAx FW v1.30B06-Hotfix :: CNVD :: Command Injection (LAN-Side)
  • (non-US) DCS-T2132 :: All Rev. & All F/W :: End of Support / End of Life Product :: Multiple Security Vulnerabilities
  • DIR-X1560 :: Rev Ax :: F/W v1.04B04 :: Multiple Vulnerabilities
  • (non-US) DWR-932C :: Rev. E :: F/W v1.0.0.4 :: Remote Code Execution via Authentication Bypass and Command Injection
  • (non-US) DIR-2055 :: Rev. A1 :: F/W v1.11B02 :: ZDI-CAN-12683 & ZDI-CAN-12686 :: HNAP Vulnerabilities
  • DCS-932L & (non-US) DCS-5000L :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerabilities
  • (non-US) DSL-3792 : Rev Ax :: FW EU v1.03 : Buffer Overflow Vulnerability
  • (EOL/EOS) Business DAP Access Models ::: End of Support / End of Life Product :: Multiple Security Vulnerabilities
  • DWA-171 : H/W Rev. Cx :: F/W MS Windows Driver v3.03 and Below (older) :: Unquoted Service Path Privilege Escalation
  • D-Link Products Not Affected by CVE-2021-28372 ::Wired.com Security Disclosure regarding ThroughTek Kalay SDK
  • (non-US) DIR-825AC :: All Revisions :: All Firmware :: End of Support / End of Life Product :: Firmware Decryption Tool available
  • (non-US) DIR-615A :: H/W Rev. Ax :: FW v2.5.20 and older :: End of Support / End of Life Product :: Reported Vulnerabilities
  • (Non-US) DAP-2020 : H/W Rev. Ax : F/W v1.01 :: Multiple Vulnerability
  • (Non-US) DWR-710 :: H/W Rev. B :: F/W v2.0.5_IN (India) :: Improper SS Validation can elevate to configuration changes
  • DSR-500N :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerabilities
  • DIR-3040 :: Rev. Ax :: FW v1.13B03 :: CVE-2021-21816 / CVE-2021-21817 / CVE-2021-21818 / CVE-2021-21819 / CVE-2021-21820 -Multiple Vulnerabilities
  • DVG-3104MS :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerabilities
  • DVX-2000MS :: All H/W Revs. :: All Firmware Versions :: End of Support / End of Life Product :: Reported Vulnerabilities
  • DIR-615 :: H/W Cx :: FW v3.03WWB05 :: CVE-2021-37388 :: End of Support / End of Life Product :: Reported Vulnerabilities
  • (Non-US) DSL-2750U :: H/W Rev. Ax :: F/W vME_1.16 :: Unauthenticated Config access
  • (non-US) DIR-819 :: HW:A1 :: FW v1.06 :: Remote Code Execution (RCE)
  • DAP-2555 : H/W Rev. Ax : F/W v1.20 : ::: End of Support / End of Life Product :: Reported Vulnerabilities
  • DCS-2530L, (non-US) DCS-2670L, (non-US) DCS-P703, and DCS-46xx/47xx/48xx Series:: Authenticated Command Injection and Unauthenticated Credential Disclosure
  • DIR-2640 / DIR-2640-US :: H/W Rev. Ax :: F/W v1.01B04 :: Stack Overflow & Write Out-of-Bounds in Server Process Security Vulnerabilities
  • DAP-1330 :: H/W Rev. Ax :: F/W v1.13B01 BETA :: Multiple Buffer Overflow (RCE) Vulnerabilities
  • (non-US) DIR-842/E :: HW Rev. R1 :: FW v3.0.2 :: Telnetd brute-force protection bypass
  • DAP-2695 : H/W Rev Ax : F/W v1.11: DDoS Attack Vulnerability
  • DIR-878 :: H/W Rev. Ax :: F/W v1.30B08 :: CVE-2021-30072 : Unauthenticated Stack-based Buffer Overflow Vulnerability
  • (Non-US) DWR-921 :: H/W Rev. C3 :: F/W v3.0.2 & v4.0.0 :: VPN Feature using Weak Cypher Suite
  • (non-US) DIR-802 :: Rev. Ax :: FW v1.00b05 :: End of Service Life (No Fixes Offered) :: CVE-2021-29379 :: UPnP Command Injection
  • DNSpooq Vulnerability Disclosures within dnsmasq (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687)
  • (non-US) DSL-2750U :: FW vME_103 :: CVE-2020-13150 :: Configuration Access Bypass for 90 sec. after power-cycle/reboot
  • (non-US) DIR-610 : H/W Rev. Ax : F/W v1.00 : ::: End of Support / End of Life Product :: Reported Vulnerabilities
  • (Non-US) DIR-846 :: H/W Rev. Ax :: F/W v100.26 :: LAN-side Authenticated Command Injection in HNAP1/control/SetMasterWLanSettings.php
  • COVR-2600R & COVR-3902 Kit :: Kit H/W Rev. Ax :: F/W v1.01 :: IPv6 DDoS Routing Loop Vulnerability
  • DIR-882-US :: H/W Rev. Ax :: F/W v1.30B06: ZDI-CAN-11682 HNAP LAN-Side Stack-based Buffer Overflow (RCE) Vulnerability LAN-Side Stack-based Buffer Overflow (RCE) Vulnerability