Find notable cyber news and cases, enriched with sources, timelines, and signals.

DIR-878 router remotely exploitable command execution flaws (multiple vulnerabilities)

Vulnerability
First reported
Last updated
Happening score
H score 1
1 unique sources, 1 articles

Summary

Hide ▲

D-Link DIR-878 routers are affected by four vulnerabilities, including three remotely exploitable command execution flaws and one USB/physical-access stack overflow. The issues affect all models and hardware revisions, and public PoC exploit code is already available, raising the risk for still-deployed devices. Because the DIR-878 is end-of-life, there will be no security updates for the model.

Related Happenings

AryStinger legacy-router and QNAP NAS reconnaissance campaign

Campaign
H score72 First: 22.06.2026 09:57 Last: 22.06.2026 09:57 Sources 1

About this happening: The **AryStinger** campaign is turning **legacy routers** and **QNAP NAS boxes** into a **distributed reconnaissance and proxy network**, creating a stealth relay layer for intrus...

Mirai-based CVE-2025-29635 D-Link DIR-823X botnet-enlistment campaign

Campaign
H score38 First: 22.04.2026 23:04 Last: 22.04.2026 23:04 Sources 1

About this happening: The **Mirai-based malware campaign** is **actively exploiting CVE-2025-29635** against **D-Link DIR-823X routers**, turning vulnerable devices into botnet nodes. The activity matt...

F5 BIG-IP APM active exploitation wave (CVE-2025-53521)

Exploitation Wave
H score79 First: 02.04.2026 11:25 Last: 02.04.2026 11:25 Sources 1

About this happening: As of **2026-04-02**, ongoing attacks are exploiting **CVE-2025-53521** against **F5 BIG-IP APM** systems, leaving more than **14,000** exposed online and at risk of remote code e...

Digiever DS-2105 Pro active exploitation wave (CVE-2023-52163)

Exploitation Wave
H score39 First: 25.12.2025 10:07 Last: 25.12.2025 10:07 Sources 1

About this happening: **CVE-2023-52163** is being exploited at scale against **Digiever DS-2105 Pro NVRs**, with multiple reports linking abuse to **Mirai** and **ShadowV2** botnet delivery. The flaw i...

CISA KEV addition for Sierra Wireless ALEOS routers

Public Sector Action
H score33 First: 13.12.2025 14:33 Last: 13.12.2025 14:33 Sources 1

About this happening: **CISA** added **CVE-2018-4063** to its **KEV catalog**, putting **Sierra Wireless AirLink ALEOS routers** under federal remediation pressure after reports of **active exploitatio...

Timeline

  1. 20.11.2025 17:38 2 articles · 7mo ago

    D-Link warns about DIR-878 command execution flaws

    Initial Disclosure

    D-Link warns that DIR-878 routers are affected by four vulnerabilities, including CVE-2025-60672, CVE-2025-60673, CVE-2025-60674, and CVE-2025-60676, with three remotely exploitable command execution flaws and one USB- or physical-access stack overflow affecting all models and hardware revisions. The DIR-878 is end-of-life, will not receive security updates, and should be replaced with an actively supported product; proof-of-concept exploit code for the vulnerabilities is already public.

    Show sources