D-Link has announced that several of its DIR-846W routers, which have reached their End of Life (EOL) and End of Service (EOS) stages, will no longer receive security updates despite multiple severe vulnerabilities being discovered. These flaws, all of which allow for remote command execution (RCE), leave users at significant risk if they continue using these devices.
The vulnerabilities, identified as CVE-2024-41622, CVE-2024-44340, CVE-2024-44341, and CVE-2024-44342, were disclosed on August 27, 2024, by a third-party security researcher under the alias “yali-10012.” The issues were found in firmware version A1 FW100A43 of the DIR-846W model. Each vulnerability stems from improper input handling of a different parameter in the router's configuration interface, potentially allowing an attacker to execute arbitrary commands on the device.
Here’s a breakdown of the four flaws:
- CVE-2024-41622: This vulnerability is triggered through the tomography_ping_address parameter in the /HNAP1/ interface, leading to a high-severity RCE with a CVSS score of 8.8.
- CVE-2024-44340: The flaw exists in the SetSmartQoSSettings function via the smartqos_express_devices and smartqos_normal_devices parameters, requiring authentication but still rated with a CVSS score of 8.8.
- CVE-2024-44341: A critical flaw with a CVSS score of 9.8, this issue is tied to the lan(0)_dhcps_staticlist parameter and can be exploited remotely via a crafted POST request, potentially without any authentication.
- CVE-2024-44342: This critical vulnerability, also scoring 9.8 on the CVSS scale, is related to the wl(0).(0)_ssid parameter, exposing the device to severe RCE attacks.
Recommendations
The DIR-846W series, primarily sold outside the US, has been unsupported since February 2020. As a non-US product, it does not qualify for inclusion on D-Link’s legacy support portal either. Accordingly, D-Link strongly recommends that users retire and replace these devices immediately. The networking hardware vendor cautions that continuing to use these routers could expose connected devices to significant security risks.
Users who insist on continuing to use these devices should ensure that they have the latest available firmware installed, regularly update the device's access passwords, and maintain strong Wi-Fi encryption settings. However, the lack of patches for the mentioned flaws still leaves users vulnerable, so the best course of action is to replace the DIR-846W with an actively supported router.