• Home Support Forums Security Advisories Shop     English | French
Security Announcement
Announcement > SAP10497
Non-US DIR-825kR: All H/W Revisions / All F/W Versions :: End-of-Life (EOL) / End-of-Service : CVE-2025-6158- After-Life Vulnerability Report
Publication ID: SAP10497
Resolved Status: Yes
Published on: 30 January 2026 7:05 GMT
Last updated on: 30 January 2026 8:55 GMT

Overview

 

The DIR-825KR is a legacy wireless router device listed below. This model has reached End of Life (EOL) and End of Service Life (EOS).

 

D-Link US and Canada recommends retiring and replacing devices that have reached EOL or EOS. These products no longer receive technical support, firmware updates, or security remediation.

 

As a general policy, once a product reaches EOS or EOL, all firmware development stops. Review the information and recommendations below before continuing to use this device.

 

Third-Party Report Information

 

Report 1: CVE-2025-6158

Reference: Public vulnerability databases such as NVD

Title: Improper input handling vulnerability affecting a legacy D-Link router

CWE: CWE-78 Improper Neutralization of Special Elements used in an OS Command

 

CVSS Scores

Public vulnerability databases list this issue with elevated severity due to network-accessible attack vectors and insufficient input validation. This CVE does not appear in archived D-Link US or Canada security bulletins.

 

Note:
This CVE appears in public vulnerability databases. It does not appear in archived D-Link security bulletins. The affected device has reached EOL and EOS. Product resources have been discontinued and no longer receive support. D-Link Systems, Inc. recommends retiring this product and replacing it with a supported model.

 

Description

 

CVE-2025-6158 describes a vulnerability affecting a legacy D-Link router. Improper handling of user-supplied input may allow command execution under certain conditions. No remediation is available due to product lifecycle status.

 

 

 

Awareness Reported by

 

Hui Jun Tay :: hui _dot_ jun _dot_ tay _at_ gmail _dot_ com

SEFCOM Laboratories : Link

 

 

Affected Products and Firmware Status

 

DIR-825KR

  • Hardware Revision: Unknown
  • Affected Versions: FW201SS09_KR and earlier
  • End of Support and End of Life: 09/01/2015
  • Status: EOL and EOS
  • Note: SKU and regional status require verification with D-Link Corporation.
  •  

Reports affecting older or legacy firmware are not accepted. EOL and EOS status means support and service have ended, and no security updates will be released.

 

Affected Models Summary

 

Model

Region

Hardware Revision

End of Support

Legacy Website

Last Updated

DIR-825KR

Non-US

Unknown

09/01/2015

Yes

01/30/2026

 

Recommendations for End of Support and End of Life Products

 

D-Link periodically designates products as EOS or EOL due to technology changes, market demand, or lifecycle maturity. Products in this status should be replaced with newer models offering improved functionality and active support.

 

Guidance for US and Canada Consumers

 

  • Products that have reached EOS or EOL no longer receive technical support, firmware updates, or security remediation.
  • Continued use of EOL and EOS products increases security risk to connected networks and devices.
  • D-Link strongly advises discontinuing use of these products.

 

Security Reports for EOL and EOS Devices

 

  • D-Link does not accept or validate vulnerability reports for EOL or EOS products.
  • No firmware updates or hotfixes will be released.
  • The last available firmware appears on the legacy site for reference only:
    https://legacy.us.dlink.com/
  • Continued use of EOL or EOS devices occurs at the user’s own risk.