D-Link DIR-878 routers affected by multiple RCE vulnerabilities
Summary
D-Link has disclosed four vulnerabilities in its end-of-life DIR-878 router, including three remotely exploitable command execution flaws. The vulnerabilities affect all models and hardware revisions of the router, which is still available for purchase. D-Link has warned that it will not release security updates for this model and recommends replacing it with an actively supported product. The vulnerabilities include CVE-2025-60672 and CVE-2025-60673, which allow remote unauthenticated command execution via unsanitized parameters, and CVE-2025-60674, a stack overflow in USB storage handling. Proof-of-concept exploit code has been published by a researcher, increasing the risk of exploitation by threat actors.
Timeline
- 20.11.2025 17:38 · 1 article
D-Link discloses RCE vulnerabilities in end-of-life DIR-878 routers
D-Link has disclosed four vulnerabilities in its end-of-life DIR-878 router, including three remotely exploitable command execution flaws. The vulnerabilities affect all models and hardware revisions of the router, which is still available for purchase. Proof-of-concept exploit code has been published by a researcher, increasing the risk of exploitation by threat actors. D-Link has warned that it will not release security updates for this model and recommends replacing it with an actively supported product.
Sources:
- D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
Information Snippets
- D-Link DIR-878 routers are affected by four vulnerabilities, three of which are remotely exploitable.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- CVE-2025-60672 allows remote unauthenticated command execution via SetDynamicDNSSettings parameters.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- CVE-2025-60673 allows remote unauthenticated command execution via SetDMZSettings and an unsanitized IPAddress value.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- CVE-2025-60674 is a stack overflow in USB storage handling due to an oversized “Serial Number” field.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- Proof-of-concept exploit code for the vulnerabilities has been published by a researcher named Yangyifan.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- The DIR-878 router has reached end-of-life, and D-Link will not release security updates for it.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has assessed the vulnerabilities as medium-severity.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38
- The RondoDox botnet uses multiple known flaws, including some affecting D-Link devices.
  First reported: 20.11.2025 17:38 (1 source, 1 article)
  - D-Link warns of new RCE flaws in end-of-life DIR-878 routers — www.bleepingcomputer.com — 20.11.2025 17:38