- D-Link warns all DIR-878 routers (discontinued in 2021) carry four RCE flaws
- Researcher Yangyifan released PoC exploit code; CISA has not yet added them to KEV catalog
- End-of-life routers are prime botnet targets (Mirai, Aisuru) for DDoS and proxy abuse
D-Link has warned customers about four vulnerabilities it recently discovered in a router model that is no longer supported.
In a security advisory, D-Link said that all versions of the DIR-878 device, meaning derivative models, all revisions, and all firmware versions, are vulnerable to multiple remote code execution bugs.
The vulnerabilities are tracked as CVE-2025-60672, CVE-2025-60673, CVE-2025-60674, and CVE-2025-60676, and were given severity scores between 6.5 and 6.8/10 (medium). The first two issues are remote unauthenticated command execution bugs, the third one is a stack overflow in USB storage handling bug, and the last one is an arbitrary command execution vulnerability.
Proof of concept threats
The affected router was first released in 2017 and was discontinued back in 2021, but apparently can still be purchased, new or used, for prices between $75 and $125. It was used mostly in homes and small offices.
But a security researcher named Yangyifan published both technical details, and proof-of-concept (PoC) exploit code. However, despite the PoC already being released, the US Cybersecurity and Infrastructure Security Agency (CISA) has not yet added it to its Known Exploited Vulnerabilities (KEV) catalog.
Still, with the PoC out there, it is safe to assume it’s only a matter of time before real-life attacks start.
Many of the world’s biggest botnets, such as Mirai, or Aisuru, target end-of-life routers, DVRs, home surveillance systems, and smart home appliances, and assimilate them into the network.
Access is then rented out to other cybercriminals for various activities, such as residential proxy services (hiding cybercriminal activity behind other people’s routers), Distributed Denial of Service (DDoS) attacks (taking down websites and online services), and similar.
The best way to defend against these flaws is to replace the outdated hardware with a newer model. If that’s not an option, D-Link advises at least installing the latest firmware, and keeping a strong password (that is frequently updated, too).
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/xiF2oa9QT4q5sePeRdA8Af-1920-80.jpg
Source link
