No More Patches: D-Link DIR-822 Vulnerable to Remote Takeovers (CVE-2024-25331)
Security researchers Quynh Le and Eng De Sheng from Ensign InfoSecurity Labs have uncovered a major security flaw (CVE-2024-25331) in the popular D-Link DIR-822 router. This vulnerability leaves the door wide open for unauthenticated attackers to take full control of affected routers, potentially stealing sensitive data, disrupting your internet connection, or using your device for malicious activities.
Vulnerability Detail
“A stack-based buffer overflow vulnerability is discovered in the (Home Network Administration Protocol) service on the D-Link DIR-822 routers. This vulnerability can be exploited by unauthenticated attackers to gain arbitrary remote code execution on the vulnerable router,” reads the security advisory.
Even the latest firmware (v2.03B01) released on October 27, 2023, does not protect your DIR-822-CA (Rev.B) router from the CVE-2024-25331 vulnerability.
Why This Is Serious
- Remote Exploitation: Hackers can attack your router from anywhere in the world, without needing to be on your network.
- Complete System Takeover: Successful exploitation could give attackers administrative rights to your router.
- No Patch in Sight: D-Link has ceased support for the DIR-822 (both Rev. A and Rev. B models), meaning no fix will be released.
The Dangers of Router Compromise
A hacked router is a hacker’s playground:
- Spying on Your Activity: They can monitor every website you visit, every email you send, and every password you enter.
- Data Theft: Sensitive information like financial details and personal files are exposed.
- Launching Further Attacks: Your router can be forced into a botnet, used to spread malware or participate in denial-of-service attacks.
What You MUST Do
D-Link strongly recommends replacing your D-Link DIR-822 router immediately. Newer models offer better security and ongoing support essential to protect yourself from evolving threats.
“D-Link strongly recommends that this product be retired and cautions that any further use of this product may be a risk to devices connected to it. If US consumers continue to use these devices against D-Link’s recommendation, please make sure the device has the most recent firmware, make sure you frequently update the device’s unique password to access its web-configuration, and always have WIFI encryption enabled with a unique password,” D-Link noted.
