Government Issues Security Warning for D-Link Router

The Indian Computer Emergency Response Team (CERT-In) has issued a critical security warning for certain D-Link Wi-Fi routers, highlighting newly discovered vulnerabilities that could compromise network security and steal sensitive information through remote attacks.

Affected Router Model

The security flaws impact the D-Link DIR-846W Wi-Fi router.

Cause of Vulnerability

According to the advisory, the vulnerabilities stem from issues with parameters like “tomography ping address” in the /HNAP1/ interface, and other configuration issues in “SetSmartQoSSettings,” “lan(0)_dhcps_staticlist,” and “wl(0).(0)_ssid.”

Potential Risks

Successful exploitation could allow attackers to execute remote code on the affected system, posing a significant threat to users’ network security.

Recommended Actions for Users

CERT-In advises that all hardware versions of the DIR-846 have reached End of Life (EOL) and End of Service Life (EOS). Users should follow D-Link’s official recommendations, including downloading and installing the latest firmware update that addresses these security flaws.