D-Link users beware: Hackers are looking for end-of-life models to exploit

Researchers have discovered a new vulnerability affecting older D-Link routers that don't receive security updates.

This critical severity flaw in D-Link DSL gateway devices could allow for remote code execution

CVE-2026-0625, a critical command injection flaw (9.3/10), is being actively exploited in legacy D-Link gateway routers ...
SecurityWeek

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...

Dispose now! No more support for attacked D-Link DSL routers

Currently, unknown attackers are targeting various D-Link DSL routers. There have been no security patches for these devices ...
The Hacker News

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A critical flaw in legacy D-Link DSL routers lets unauthenticated attackers run commands and hijack DNS, with active ...
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

"The affected endpoint is also associated with unauthenticated DNS modification ("DNSChanger") behavior documented by D-Link, ...

New D-Link flaw in legacy DSL routers actively exploited in attacks

Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway ...