• Home Support Forums Security Advisories Shop     English | French
Security Announcement
Announcement > SAP10498
DAP-1522 / DAP-1525 / DAP-1650 / DHP-W311AV / Non-US DIR-300 / DIR-600 / DIR-815 : All H/W Revisions / All F/W Versions :: End-of-Life (EOL) / End-of-Service : EDB-24956 - After-Life Vulnerability Report
Publication ID: SAP10498
Resolved Status: Yes
Published on: 30 January 2026 7:14 GMT
Last updated on: 2 February 2026 6:59 GMT

Overview

 

The DAP-1522, DAP-1525, DAP-1650, DHP-W311AV, and multiple DIR-series devices listed below are legacy networking products. All identified models and hardware revisions have reached End of Life (EOL) and End of Service Life (EOS).

 

D-Link US and Canada recommend retiring and replacing devices that have reached EOL or EOS. These products no longer receive technical support, firmware updates, or security remediation.

 

As a general policy, once a product reaches EOS or EOL, all firmware development stops. Review the information and recommendations below before continuing to use these devices.

 

Third-Party Report Information

 

Report 1: EDB-24956

Reference: Exploit Database
https://www.exploit-db.com/exploits/24956

Title: Command injection vulnerability affecting legacy D-Link wireless access points and routers

CWE: CWE-78 Improper Neutralization of Special Elements used in an OS Command

 

CVSS Scores

This issue is documented in third-party exploit repositories and demonstrates remote command execution risk through improper input handling. This report does not appear in archived D-Link US or Canada security bulletins.

 

Note:
This report appears in third-party vulnerability databases. It does not appear in archived D-Link security bulletins. All affected devices have reached EOL and EOS. Product resources have been discontinued and no longer receive support. D-Link Systems, Inc. recommends retiring these products and replacing them with supported models.

 

Description

 

EDB-24956 documents a vulnerability affecting multiple legacy D-Link networking products. Improper handling of user-supplied input allows command execution under certain conditions. No remediation is available due to product lifecycle status.

 

 

 

Awareness Reported by

 

Hui Jun Tay :: hui _dot_ jun _dot_ tay _at_ gmail _dot_ com

SEFCOM Laboratories : Link

 

 

Affected Products and Firmware Status

 

DAP-1522

  • Hardware Revision: RevB
  • Affected Versions: v2.07B01 and earlier
  • End of Support and End of Life: 07/01/2016
  • Status: EOL and EOS

 

DAP-1525

  • Hardware Revision: RevA
  • Affected Versions: v1.02 and earlier
  • End of Support and End of Life: 02/28/2018
  • Status: EOL and EOS

 

DAP-1650

  • Hardware Revision: RevA
  • Affected Versions: v104b03 and earlier
  • End of Support and End of Life: 10/31/2021
  • Status: EOL and EOS

 

DHP-W311AV

  • Hardware Revision: RevC
  • Affected Versions: v3.11B01 NA BETA and earlier
  • End of Support and End of Life: 04/27/2018
  • Status: EOL and EOS

 

DIR-300 (Non-US)

  • Hardware Revision: RevB
  • Affected Versions: v214b01 and earlier
  • End of Support and End of Life: 08/31/2020
  • Status: EOL and EOS

 

DIR-456U (Non-US)

  • Hardware Revision: RevA
  • Affected Versions: v1 and earlier
  • End of Support and End of Life: 08/31/2020
  • Status: EOL and EOS

 

DIR-600

  • Hardware Revision: RevB5
  • Affected Versions: v2.14B01 and earlier
  • Last Available Firmware: v2.18_Jimo RevB
  • End of Support and End of Life: 10/01/2016
  • Status: EOL and EOS

 

DIR-815

  • Hardware Revision: RevA
  • Affected Versions: v1.02 and earlier
  • End of Support and End of Life: 12/29/2017
  • Status: EOL and EOS

 

Reports affecting older or legacy firmware are not accepted. EOL and EOS status means support and service have ended, and no security updates will be released.

 

Affected Models Summary

 

Model

Region

Hardware Revision

End of Support

Legacy Website

Last Updated

DAP-1522

All Regions

RevB

07/01/2016

Yes

01/30/2026

DAP-1525

All Regions

RevA

02/28/2018

Yes

01/30/2026

DAP-1650

All Regions

RevA

10/31/2021

Yes

01/30/2026

DHP-W311AV

All Regions

RevC

04/27/2018

Yes

01/30/2026

DIR-300

Non-US

RevB

08/31/2020

Yes

01/30/2026

DIR-456U

Non-US

RevA

08/31/2020

Yes

01/30/2026

DIR-600

All Regions

RevB5

10/01/2016

Yes

01/30/2026

DIR-815

All Regions

RevA

12/29/2017

Yes

01/30/2026

 

Recommendations for End of Support and End of Life Products

 

D-Link periodically designates products as EOS or EOL due to technology changes, market demand, or lifecycle maturity. Products in this status should be replaced with newer models offering improved functionality and active support.

 

Guidance for US and Canada Consumers

 

  • Products that have reached EOS or EOL no longer receive technical support, firmware updates, or security remediation.
  • Continued use of EOL and EOS products increases security risk to connected networks and devices.
  • D-Link strongly advises discontinuing use of these products.

 

Security Reports for EOL and EOS Devices

 

  • D-Link does not accept or validate vulnerability reports for EOL or EOS products.
  • No firmware updates or hotfixes will be released.
  •  The last available firmware appears on the legacy site for reference only:
    https://legacy.us.dlink.com/
  • Continued use of EOL or EOS devices occurs at the user’s own risk.