A vulnerability in D-Link’s DIR-859 routers could, among other things, lead to the device’s password being revealed. Since this router type is no longer supported, users should not expect a patch.

D-Link shares details of a vulnerability discovered in its DIR-859 routers. The vulnerability, CVE-2024-0769, has a rating of 9.8 out of 10 and was first discovered in January. All models of this particular router type appear to be affected, regardless of which firmware version is installed.

Hackers can exploit the vulnerability to penetrate DEVICE.ACCOUNT.xmlFile in which a lot of confidential information awaits you. Among other things, the router password, access control lists and firewall settings are revealed.

Buy a new router

However, D-Link does not plan to roll out a patch. The manufacturer has a good reason for this: the router in question has not been supported since 2020. The security flaw should be a wake-up call for users to update their routers. D-Link also takes responsibility for customers who continue to use the router after the end of support.

Using outdated hardware and software is always at your own risk. As long as the devices still work properly, it is tempting to continue using them, but they pose security risks.

D-Link’s way of working has been met with some criticism from the security company Greynoise. Because the manufacturer makes the vulnerability public without wanting to do anything about it, it is putting the users of the routers at risk.

There are still many routers of this type connected to the Internet, and until users can replace them, they remain vulnerable. Greynoise is aware of some attempts to exploit the vulnerability and suspects that many attacks have flown under the radar.

Therefore, the best advice for owners of a DIR-859 router seems to be to buy a new router as soon as possible. As a precautionary measure, it is recommended to create a new username and password. CVE-2024-0769 does not seem to affect any other D-Link routers so far.