Overview

On January 22, 2019, D-Link became aware of a 3rd Party security research report by Cyber Independent Testing Lab (https://cyber-itl.org/). CITL accuses many consumer WIFI products from various US brands of deploying firmware that has security vulnerabilities based on unpatched bugs and development practices.  CITL accused the following D-Link router models: DIR-850L, DIR-880L, DIR-842, DIR-890L, and DIR-895L.

D-Link has promptly started investigating the issue, and we will provide updates as soon as we have more information. D-Link takes network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. We have a open process of working with security researchers and can be reached around the clock and around the world at security@dlink.com.

Please check back on this announcement or the product model page at https://support.dlink.com for updates.

3rd Party Report:

Parker Thompson
Sarah Zatko
{parker,sarah} _at_ cyber-itl _dot_ org

• Report :: HERE
• BitDefender Blog Post :: HERE

Details

At the current time we are investigating the accusations put forth in the CITL report and refer you to read the report linked directly above.

Affected Product Models and Patches:

 
 
 
Model
 
Hardware Revision
 
Affected FW
 
Fixed FW
 
 Last Updated
 
 
 
DIR-842
 
Under Investigation
 
Under Investigation
 
 
 
01/23/2019
 
 
DIR-850L
 
Under Investigation
 
Under Investigation
 
 
 
01/23/2019
 
 
DIR-880L
 
Under Investigation
 
Under Investigation
 
 
 
01/23/2019
 
 
DIR-890L/R
 
Under Investigation
 
Under Investigation
 
 
 
01/23/2019
 
 
DIR-895L/R
 
Under Investigation
 
Under Investiigation
 
 
 
01/23/2019