D-Link DIR series Routers

The D-Link DIR series is a line of wireless routers.

2025: Discovery of a vulnerability to compromise a device and gain access to all traffic

D-Link recommends replacing routers in which Positive Technologies has identified a vulnerability. Positive Technologies announced this on March 17, 2025.

The devices are no longer supported by the manufacturer and can be dangerous.

PT SWARM team expert Vladimir Razov discovered a vulnerability in several models of D-Link routers. According to Mordor Intelligence, D-Link is on the list of world market leaders Wi-Firouters-. The vendor has been notified of the threat as part of a responsible disclosure policy and recommends that users switch to more modern device lines.

The found vulnerability of BDU: 2024-06211, got assessment 8.4 points on CVSS 3.0 scale, the following models of D-Link are subject: DIR-878, DIR-882, DIR-2640-US, DIR-1960-US, DIR-2660-US, DIR-3040-US, DIR-3060-US, DIR-867-US, DIR-882-US, DIR-882/RE, DIR-882-CA, DIR-882-US/RE. At the time of the study, vulnerable routers using search engines could be found in the United States, Canada, Sweden, China, Indonesia and Taiwan.

According to the manufacturer, the listed models are no longer supported. D-Link recommends decommissioning them and replacing them with hardware that receives firmware updates.

With the successful exploitation of the vulnerability found, a user authorized in the router's web interface can completely compromise the device and gain access to all traffic passing through it, "said Vladimir Razov, a specialist in the web application security analysis group, Positive Technologies.

As a temporary measure to reduce the threat, Vladimir Razov recommends, if possible, using OpenWrt (open embedded, operating system based on Linux and designed specifically for routers) or changing credentials data to access the web interface of the router.

2020

Fix three of six vulnerabilities in DIR-865L

D-Link has released a firmware update that fixes three of the six vulnerabilities that were found in the DIR-865L wireless router. This became known on June 16, 2020. One of the uncorrected vulnerabilities is critical, and the other two are dangerous. Problems can be exploited to execute arbitrary commands, steal confidential information, download malware, or delete data.

The D-Link DIR-865L model was released in 2012 and for June 2020 is not supported for consumers in the United States, but the official pages for European countries indicate the status of the "end of sales" model. This means that the product can no longer be purchased, but it is still supported by the supplier.

Experts from the Unit 42 division of Palo Alto Networks at the end of February 2020 discovered a number of vulnerabilities in D-Link DIR-865L and reported them to the manufacturer:

• CVE-2020-13782: incorrect neutralization of special elements used in the command (implementation of commands). The issue received a CVSS score of 9.8 (not corrected).
• CVE-2020-13786: Cross-Site Request Forgery (CSRF). The issue received a score of 8.8 on the CVSS scale (corrected).
• CVE-2020-13785: Not reliable enough. enciphering The issue received a score of 7.5 on the CVSS scale (corrected).
• CVE-2020-13784: Predictable seed in pseudo-random number generator. The problem received a score of 7.5 on the CVSS scale (not fixed).
• CVE-2020-13783: Keeping confidential information in open text. The issue received a score of 7.5 on the CVSS scale (corrected).
• CVE-2020-13787: Transfer of confidential information in clear text. The problem received a score of 7.5 on the CVSS scale (not fixed).

As experts noted, although the vulnerability of the implementation of commands received a critical assessment of the danger from NVD, authentication is required to use it. Combining some of these vulnerabilities could allow attackers to intercept network traffic and steal session cookies, one of the researchers said.

Thus, criminals can access the administrative portal for sharing files, which gives them the ability to download arbitrary harmful files, download confidential files or delete important ones. data They can also use the cookie to run arbitrary commands and execute -. DDoSattacks

D-Link responded to the notification of experts with the release of a beta version of the firmware, in which only three vulnerabilities were fixed. The company did not comment on its decision to release partial fixes^[1].

Start selling the hardware version of the router DIR-615

The company D-Link announced on March 11, 2020, the launch of the equipment room wireless router DIR-615/X version. The router is implemented on a hardware platform, equipped with a modern one software created Ryazan in the D-Link research and development center, and meets the current technical requirements for access equipment in. Internet The novelty supports all current IPv4IPv6 types/connections, various connection scenarios, IPTV redundancy, can WAN perform the functions of a WISP repeater, access point, wireless repeater or client. Wi-Fi

Characteristics of the wireless DIR-615/X router:

• a RTL8196E processor;
• one WAN port 10/100BASE-TX and four LAN ports 10/100BASE-TX;
• button for automatic installation of a secure wireless connection (WPS);
• Wi-Fi speeds up to 300 Mbps (IEEE 802.11n);
• WMM (Wi-Fi QoS);
• wireless encryption by WPA/WPA2 standards.

DIR-615/X is made in a compact black case with a size of 13.1 x 13 x 3.4 cm and is equipped with external non-removable omnidirectional rotary antennas with a gain of 5 dBi, which provide reliable coverage and high-quality signal reception in apartments with a complex layout and a large number of mobile devices.

Security functionality includes IPURL filtering by/MAC/-addresses, a firewall with connection control, protection against ARP and - DoS attack. The device supports IPsec the pass-through function, which allows you to pass IPsec traffic and establish - VPN connections from the internal network. The. Yandex DNS service protects users from malicious and fraudulent sites and protects children and adolescents from visiting sites that can harm their health or development.

DIR-615/X is fully adapted to work with IPTV and provides high-quality playback of media content on the home network. Supports IGMP Proxy, various VLAN uses, and the UDPXY application for viewing IPTV on mobile devices and TVs that do not support multicast traffic.

The Ethernet port bandwidth and wireless client speed limitation feature ensures optimal allocation of network resources and comfortable operation of several local users at the same time. To ensure uninterrupted Internet access, the WAN protection function is implemented. Any wired or wireless WAN connection of the router can be used as a backup access channel.

The free D-Link Assistant mobile app for iOS and Android is available for configuration and management. The function of automatic notification of the appearance on the D-Link server of the next version of the software with its subsequent installation is supported.

The DIR-615/X software contains a built-in TR-069 client for remote diagnostics and router management, allowing ISPs to reduce costs, improve customer service, and reduce the burden on technical support services. A DIR-615/X customization service is available for Internet providers, including placing a logo on the case, individual packaging design, developing firmware taking into account specific customer requirements and adding the necessary functionality, for example, an SLA agent for monitoring the health of client networks.

The DIR-615/X router has already arrived at the company's warehouse in Ryazan and is available for order from the company's official resellers. The recommended price for end users is $21.

2019

Vulnerability in the gateway interface that allows code to be executed remotely

On October 7, 2019, it became known that researcher Thana Nguyen Nguyen of FortiGuard Labs published details about a critical CVE-2019-16920 vulnerability in the firmware of some routers from D-Link. The problem was discovered in September 2019, but the supplier will not release the patch.

D-Link DIR-655

The problem is related to unauthenticated command implementation and affects the firmware of DIR-655, DIR-866L, DIR-652 and DHP-1565 routers. The vulnerability can be exploited by an attacker by entering arbitrary characters in the PingTest gateway interface, which will allow remote code execution and completely compromise the system. The critical vulnerability received 9.8 points out of 10 according to CVSS v3.1 and 10.0 points according to CVSS v2.0.

On September 22, 2019, the researcher reported the problem to D-Link. The manufacturer has confirmed the vulnerability, but due to the termination of support for devices, it does not intend to release a patch. In this regard, users of vulnerable D-Link routers are strongly advised to replace devices with newer^[2] models^[3].

AC1200 Wave 2 routers with support of MU-MIMO (DIR-825, DIR-842, DIR-841, DIR-822, DIR-815/R, DIR-815/S)

On February 7, 2019, the company D-Link introduced the routers Wave 2 line of wireless dual-band AC1200 with MU-MIMO support. According to the manufacturer, routers they passed full-scale testing and are recommended for use on high-speed tariff plans of federal and regional -. Internetproviders

According to the manufacturer, the AC1200 Wave 2 routers are designed to organize smart home wireless networks with a large number of simultaneously running streaming applications, including watching IPTV, broadcasting from HD video surveillance cameras, working with cloud services and media content resources. Devices are also recommended for use in enterprise and office SMB/SOHO wireless networks with increased bandwidth requirements and a large number of simultaneously connected mobile devices.

According to the manufacturer, the presented generation of D-Link routers is implemented on a high-performance hardware platform based on a RTL8197F processor with a clock frequency of 1 GHz and a wireless module AC1200 Wave 2, which provides up to 867 Mbps in the 5 GHz range and up to 300 Mbps in 2.4 GHz. The line of routers is represented by the following models:

• DIR-825 with a 1000 Mbit/s WAN port, 4 1000 Mbit/s LAN ports, a multi-function USB 2.0 port and 4 external antennas 5 dBi;
• DIR-842 with a 1000 Mbit/s WAN port, 4 1000 Mbit/s LAN ports and 4 external antennas 5 dBi;
• DIR-841 with a 1000 Mbit/s WAN port, 4 100 Mbit/s LAN ports, and 4 external antennas 5 dBi;
• DIR-822 with a 100 Mbit/s WAN port, 4 100 Mbit/s LAN ports, and 4 external antennas 5 dBi;
• DIR-815/R with a 100 Mbit/s WAN port, 4 100 Mbit/s LAN ports, a multi-function USB 2.0 port and 4 external antennas 5 dBi;
• DIR-815/S with a 100 Mbit/s WAN port, 4 100 Mbit/s LAN ports, and 4 internal antennas 3.5 dBi.

As noted in D-Link, routers are optimized for working in rooms with a complex layout and a large number of mobile devices. TX Beamforming wireless directional signal generation technology improves the quality Wi-Fi of -connections for client devices that are far from the router and receive the signal worse. MU-MIMO support allows you to increase the bandwidth of the wireless network by simultaneously transferring data to several devices at once. In such a network, modern smartphones tablets 802.11ac and Wave 2 support will be able to maximize their high-speed capabilities. For users PERSONAL COMPUTER laptops and with wireless modules 802.11n , a dual-band USB AC1300 adapter with MU-MIMO DWA-182 support is recommended.

All models support Smart Wi-Fi client distribution and can be used to organize a single wireless space based on multiple D-Link routers. The Smart Wi-Fi function allows a wireless client to connect to the router with the highest signal level in a timely manner, providing an increase in Wi-Fi coverage, eliminating "dead spots" and the best possible connection speed anywhere in the coverage area, the manufacturer claims.

According to D-Link, AC1200 Wave 2 routers are fully adapted to work with IPTV and provide high-quality playback of a variety of media content in the home network. Supports IGMP Proxy, various VLAN uses, UDPXY application for viewing IPTV on mobile devices TVs and Smart TVs that do not support multicast traffic.

The multifunctional USB port in DIR-825 and DIR-815/R models supports connection, and USB stores printers - 3G/LTE modems. The built-in torrent client allows you to download files to a USB drive without using a PC,server and DLNA media allows you to stream downloaded media content to tablets and smartphones Smart TVs. It is possible to remove access to the drive via or to protocols FTP SMB. When connecting a USB modem, the devices support redundancy of access channels in: in Internet case of problems on the main wired line provider , the router automatically switches to a backup 3G/LTE connection, noted in D-Link.

mobile application D-Link Assistant is available for configuration and management. The application, according to the manufacturer, will help you set up an Internet connection, a wireless network and IPTV, turn on the Wi-Fi guest network, block sites that are undesirable for the child using URL a -filter or service., YandexDNS Configure - VPN tunels, port forwarding, turn off indicators and much more.

The router software was developed in the Russian D-Link R&D Center, taking into account the requirements and based on the experience of cooperation with federal and regional Internet providers. As the manufacturer noted, the AC1200 Wave 2 routers are fully adapted to work on modern tariff plans of providers. The DIR-822, DIR-815/R, and DIR-815/S models provide over 95 Mbps of bandwidth on any type of connection. The bandwidth of gigabit DIR-825 models, DIR-842, DIR-841 reaches 900 Mbps.

As of February 2019, routers are available for order from the company's official resellers. Suggested retail price: DIR-825/R - $61; DIR-842/R – $59; DIR-841 – $52; DIR-815/R – $48; DIR-822/R – $46; DIR-815/S – $43.

2018

SkyDNS content filtering module in D-Link DIR-853, DIR-878 and DIR-882

The manufacturer of network equipment D-Link , together cloudy with the content filter SkyDNS , expanded the capabilities routers of D-Link to make Internet it safer for their users and introduced the SkyDNS content filtering module. This was announced on December 13, 2018 by SkyDNS.

The constantly growing number of users on the Internet opens up a wide field for the activities of fraudsters and hackers. Every day, new dangerous resources appear on the network, promoting suicide, sites selling drugs, malicious sites with viruses and Trojans. That is why, according to the developers, there is a constant need to improve the protection of home users and businesses from the actions of cybercriminals on the Internet.

According to the developers, the routers D-Link DIR-853, D-Link DIR-878 and D-Link DIR-882 have become safer due to the appearance of the SkyDNS content filtering module. Thanks to the features of the SkyDNS service, it is not just malicious content that has already entered the local network that is blocked, but malicious data is blocked at the request level to them. The SkyDNS cloud system allows you to protect any number of smartphones and computers of all types connected to the router without installing any programs, while offering advanced capabilities for Internet access control and Internet security at the router level.

According to SkyDNS, the SkyDNS solution opens up additional possibilities:

• Configure filtering for more than 60 topic categories and individual sites from black and white lists.
• The ability to set each device connected to the D-Link router its own filtering settings, Internet access time and filtering schedule.
• Use safe mode for YouTube - all videos with age restrictions are filtered.
• Force secure search modes into, search engines Yandex, Google Bing or the ability to use your own secure SkyDNS search.
• Internet usage statistics for each device with a detailed report on blocked and open sites.
• Block most types of online ads without additional plugins or programs.
• Additional alert functions allow you to quickly respond if devices infected with viruses have appeared on the network or the router has been disconnected from the filtering service.

The quality of filtering Internet resources and malicious content is provided by its own SkyDNS system for automatic categorization and detection of malicious Internet sites on the Internet. The dynamically formed and updated every day SkyDNS database contains over 105 million sites as of December 2018, which, according to the developer, covers all resources and resources visible on the network requested by users of the service.

According to the information provided by D-Link, you can download the updated software for the D-Link DIR-853, D-Link DIR-878 and D-Link DIR-882 routers with the presented functions on the D-Link website, or use the firmware auto-update function in the WEB interface of the router. Also, D-Link plans to supply routers with already updated firmware and a SkyDNS content filtering module in 2019.

D-Link and SkyDNS believe that SkyDNS-filtered D-Link routers are a reliable solution for protecting home users, small offices and educational institutions. A safe connection will protect children from unnecessary and dangerous information, and parents will provide comfortable use of the Internet without annoying advertising and the actions of fraudsters on all devices. For business, the solution will provide an additional layer of protection against Internet threats and provide a tool to improve employee efficiency by blocking sites that are not targeted for work.

N300 DIR-615/T

On March 6, 2018, D-Link introduced the N300 DIR-615/T wireless router. The model is implemented on the basis of an updated hardware platform and is equipped with software specially developed in the Ryazan Research and Development Center D-Link to meet the technical requirements for Internet access equipment.

The device supports all current IPv4IPv6 types/connections, various connection scenarios, IPTV redundancy, WAN Smart wireless client distribution technology Wi-Fi and can also act as a WISP repeater, access point, wireless repeater or Wi-Fi client.

DIR-615/T is equipped with WAN port 10/100BASE-TX and 4 LAN ports 10/100BASE-TX. A Secure Wireless Connection (WPS) automatic setup mode is provided.

The router supports wireless connection at speeds up to 300 Mbps, mechanisms enciphering according to WEP standards, WPA/WPA2, a Wi-Fi guest network. Security functionality includes filtering IPURL by/MAC/addresses, firewall with connection control, protection against ARP and DoS attacks. The Yandex.DNS service allows you to protect users from malicious and fraudulent sites and limit the access of children and adolescents to "adult" materials.

In order to optimize the allocation of network resources and the comfortable simultaneous operation of local users, the function of limiting the bandwidth of Ethernet ports and channels of wireless clients is provided.

To improve network reliability and eliminate cases of sudden disconnection of the Internet connection, the WAN reservation function is implemented. Any wired or wireless WAN connection of the router can be used as a backup access channel.

DIR-615/T is made in a compact stylish black case with external non-removable omnidirectional rotary antennas with a gain of 5 dBi, which provide reliable coverage and high-quality signal reception in apartments with a complex layout and a large number of mobile devices.

DIR-615 Wireless Router (2018)

DIR-615/T supports Smart Wi-Fi wireless client distribution technology and can be used to organize a single Wi-Fi wireless space based on multiple D-Link routers. Smart Wi-Fi technology allows you to automatically switch the wireless client to the router with the highest signal level for stable Wi-Fi coverage and maximum connection speed anywhere in the coverage area.

DIR-615/T supports IGMP Proxy and various VLAN usage options, creating comfortable conditions for working with IPTV and playing various media content from the Internet on the home network. Thanks to the built-in UDPXY application, it is possible to broadcast video and audio streams from the provider's IPTV channel to devices on the local network that do not support multicast traffic, for example, TVs, video machines, audio players.

DIR-615/T (2018)

DIR-615/T configuration and control are carried out by the user in step-by-step mode using an intuitive Russian-language Web interface and do not require special knowledge. The automatic notification function will notify the user in a timely manner server when a version of the built-in version appears on D-Link updates ON with its subsequent installation. In addition, to connect the router to the Internet and configure a home or office wireless network, you can use the free D-Link Click 'n' Connect mobile application for devices based on. Android

Notes