This critical severity flaw in D-Link DSL gateway devices could allow for remote code execution

Earlier this week, security researchers from VulnCheck announced finding a command injection vulnerability due to improper sanitization of user-supplied DNS configuration parameters. The bug is ...
SecurityWeek

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code execution (RCE).
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

"The affected endpoint is also associated with unauthenticated DNS modification ("DNSChanger") behavior documented by D-Link, ...
Cybernews

“There will be no patch” says D-Link, as hackers exploit old routers

Old D-Link routers are being hijacked via a zero-day vulnerability, known as CVE-2026-0625, which allows attackers to remotely execute commands. No patch is currently available.
The Hacker News

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A critical flaw in legacy D-Link DSL routers lets unauthenticated attackers run commands and hijack DNS, with active ...

D-Link users beware: Hackers are looking for end-of-life models to exploit

Researchers have discovered a new vulnerability affecting older D-Link routers that don't receive security updates.

Dispose now! No more support for attacked D-Link DSL routers

Currently, unknown attackers are targeting various D-Link DSL routers. There have been no security patches for these devices for six years.

D-Link Announces New Small Business and On-the-Go Connectivity Solutions for Professionals

Small businesses and remote professionals are looking for connectivity solutions that fit how they actually work. Our ...