D-Link and Netgear Home Router Vulnerabilities

Threat Level: Medium
Threat Type: Vulnerabilities in home networking routers
Advisory Date: 07/13/2023

Description

Users who have installed a home router (including home gateways and wireless routers) from D-Link or Netgear are urged to review the security of their device. 

Employees utilizing such devices for remote work from home are urged to secure their device to avoid these security risks.

Users who only utilize routers as provided by their internet service provider (ISP) do not require action.

Impact

These devices may require a hardware or software update to resolve serious security flaws that can allow attackers to make changes to your router. Such changes could allow:

  • Opening of ports to internal systems for malicious purposes
  • Redirecting or intercepting web traffic from connected internal devices
  • Use of your router as part of a denial of service attack which uses your internet bandwidth to attack other infrastructure

Resolution

If you have a Netgear device, you should review the following resource provided by the vendor:

https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders

If your device model is listed, action is required.  If a security hotfix is available for your model, it should be applied as soon as possible.  If the device “Fix status” is listed as “None; outside security support period”, the hardware device will need to be replaced to remediate the security issue.

If updates are available for your Netgear router’s firmware, please follow the support documentation at: https://www.netgear.com/support/

Some Netgear devices may be configured to "auto-update", which applies firmware updates to the device without the need to apply them manually. If your device supports this option, it should be enabled.

-----

If you have a D-Link device, such as DIR-655C, DIR-866L, DIR-652, DHP-1565, DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825, you should update your device with vendor-supplied updates.

If your device is older than 5 years, it may no longer be supported by the vendor and may not receive updates to remediate security issues. You can see the support status of D-Link devices at: https://legacy.us.dlink.com/. If your device is no longer supported, the hardware should be replaced.

In order to update your router’s firmware, please follow the support documentation for D-Link: https://support.dlink.com/

-----

As a general security practice, users of other brands of routers not provided by their internet service provider (ISP) are also urged to update their devices to the most recent firmware versions.

Resources

If you require assistance in determining if your D-Link or Netgear router requires updates or should be replaced, please contact:

Email: IT.Support@uregina.ca
Phone: 306-585-4685
Toll-free in Canada: 1-844-585-4685

External Resources:

CERT: Multiple Netgear routers are vulnerable to arbitrary command injection 

ZDNet: Netgear users advised to stop using affected routers after severe flaw found

NIST: CVE-2019-16920 for D-Link Devices

ZDNet: D-Link router remote code execution vulnerability will not be patched