- D-Link warns that all DIR-878 routers (discontinued in 2021) have four RCE errors
- Researcher Yangyifan released PoC exploit code; CISA has not yet added them to the KEV catalog
- End-of-life routers are prime botnet targets (Mirai, Aisuru) for DDoS and proxy abuse
D-Link has warned customers about four vulnerabilities it recently discovered in a router model that is no longer supported.
In a security advisory, D-Link said that all versions of the DIR-878 device, meaning derivative models, all revisions and all firmware versions, are vulnerable to multiple remote code execution flaws.
The vulnerabilities are tracked as CVE-2025-60672, CVE-2025-60673, CVE-2025-60674 and CVE-2025-60676 and were given a severity rating between 6.5 and 6.8/10 (medium). The first two issues are unauthorized remote control errors, the third is a stack overflow in USB storage handling error, and the last is an arbitrary command execution vulnerability.
Proof of Concept Threats
The affected router was first released in 2017 and was discontinued back in 2021, but can apparently still be purchased, new or used, for prices between $75 and $125. It was mostly used in homes and small offices.
But a security researcher named Yangyifan published both technical details and proof-of-concept (PoC) exploit code. However, despite the fact that the PoC has already been released, the US Cybersecurity and Infrastructure Security Agency (CISA) has yet to add it to its catalog of known exploited vulnerabilities (KEV).
Still, with PoC out there, it’s safe to assume it’s only a matter of time before real attacks start.
Many of the world’s largest botnets, such as Mirai or Aisuru, target obsolete routers, DVRs, home surveillance systems and smart home appliances and assimilate them into the network.
The access is then rented out to other cybercriminals for various activities, such as residential proxy services (hiding cybercriminal activity behind other people’s routers), Distributed Denial of Service (DDoS) attacks (taking down websites and online services), and the like.
The best way to defend against these errors is to replace the outdated hardware with a newer model. If that’s not an option, D-Link recommends at least installing the latest firmware and keeping a strong password (also updated frequently).
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
