- D-Link warns that all DIR-878 routers (discontinued in 2021) have four RCE flaws
- Researcher Yangyifan published PoC exploit code; CISA has not yet added them to the KEV catalog
- End-of-life routers are prime targets of botnets (Mirai, Aisuru) for DDoS attacks and proxy abuse.
D-Link has warned customers of four recently discovered vulnerabilities in a router model that is no longer supported.
In a security advisory, D-Link stated that all versions of the DIR-878 device, i.e. derivative models, all revisions and all firmware versions, are vulnerable to several remote code execution bugs.
The vulnerabilities are tracked as CVE-2025-60672, CVE-2025-60673, CVE-2025-60674, and CVE-2025-60676, and have received severity scores between 6.5 and 6.8/10 (medium). The first two issues are remote unauthenticated command execution bugs, the third is a stack overflow in the USB storage management bug, and the last is an arbitrary command execution vulnerability.
Proof of Concept Threats
The affected router was first released in 2017 and was discontinued in 2021, but it can apparently still be purchased, new or used, for prices between $75 and $125. It was mainly used in homes and small offices.
But a security researcher named Yangyifan has published both technical details and proof-of-concept (PoC) exploit code. However, although the PoC has already been released, the US Cybersecurity and Infrastructure Security Agency (CISA) has not yet added it to its catalog of known exploited vulnerabilities (KEV).
Nonetheless, with PoC available, it can be assumed that it is only a matter of time before real attacks begin.
Many of the world’s largest botnets, such as Mirai or Aisuru, target end-of-life routers, DVRs, home surveillance systems, and smart home appliances and assimilate them into the network.
Access is then rented to other cybercriminals for various activities, such as residential proxy services (hiding cybercriminal activity behind other people’s routers), distributed denial of service (DDoS) attacks (taking down websites and online services), etc.
The best way to defend against these vulnerabilities is to replace outdated hardware with a newer model. If that’s not an option, D-Link advises at least installing the latest firmware and keeping a strong password (which is also frequently updated).
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
