Details: In the 'cgi-bin/webproc' directory within the user account of the "D-Link DIR-816" system, the 'SSID' parameter is subject to an unrestricted stored Cross-Site Scripting (XSS) vulnerability and injection attacks. This function executes the user parameter without restrictions. The stored script runs when the 'Setup' directory is accessed. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients.
Affected Models
Recommendation for EOL/EOS Products
In line with industry practice, D-Link may periodically determine that certain products have reached a stage where further support or development is no longer attainable. This decision may be driven by commonly acknowledged factors such as technology evolution, market requirement, innovation, product efficiency, or the need for product replacement due to superior functionality.
For US Consumers
When a product reaches EOL/EOS status, which we have always announced an extended period in advance, no further extended support, updates, or development may be available.
We may not be able to address issues related to devices or firmware for such products, as development and customer support may have been discontinued. If you are outside the US, please get in touch with your regional D-Link office for an inquiry.
We recommend discontinuing use of such products and caution that continued use may harm other connected devices. If users continue using these devices, please ensure they are updated to the latest known firmware on the Legacy Website links above. Additionally, users should frequently update the device's unique password used to access its web configuration and always have Wi-Fi encryption enabled with a strong and unique password.
Regarding the Security Update for Your Device
Installing firmware updates is critical in addressing security vulnerabilities in your devices. We strongly urge all users to install the relevant updates and regularly check for further updates. After downloading the firmware update, it is essential to ALWAYS validate its success by comparing the firmware version on your product interface to the firmware update version.
Please note that beta software, beta firmware, and hot-fix releases are still undergoing rigorous testing before official release. This ensures the official release is of the highest quality and meets our stringent standards. Because of this, we do not provide express or implied warranties regarding their suitability or usability. It is essential to understand that the user assumes all risk and liability for their use.
NOTE: Our products have different hardware revisions, so please check your device’s hardware revision before downloading the corresponding firmware update. The hardware revision can be found on the product label next to the serial number or on the device's web interface.