D-Link Abandons DIR-846W Routers: Critical Vulnerabilities Left Unpatched
D-Link is warning that four critical RCE flaws in its DIR-846W router won’t be fixed due to end-of-support status. Users are urged to retire the product immediately to avoid security risks.
Hot Take:
D-Link’s latest announcement is like the landlord telling you the roof is on fire but they’re not fixing it because you’re living in an old apartment. Instead, they suggest you move out before the whole place goes up in flames. Classic!
Key Points:
- D-Link’s DIR-846W router has four new Remote Code Execution (RCE) flaws.
- Three of these are rated critical, affecting all hardware and firmware versions.
- The flaws, discovered by researcher yali-1002, are not being fixed as the router is no longer supported.
- The vulnerabilities have high CVSS v3 scores, up to 9.8, indicating severe risks.
- D-Link advises users to retire the router immediately but offers some mitigation steps if that’s not possible.
Membership Required
You must be a member to access this content.