The D-Link EXO AX4800 (DIR-X4860) router is affected by a critical vulnerability that allows remote, unauthenticated command execution through its HNAP (Home Network Administration Protocol) interface, potentially leading to a complete device takeover. Despite its advanced Wi-Fi 6 capabilities, the router’s latest firmware version harbors flaws that grant attackers root privileges on the device. SSD Secure Disclosure researchers uncovered these vulnerabilities but faced challenges in alerting D-Link, leaving the issues unresolved.
The DIR-X4860 router, known for its high-performance features and popular in Canada, remains actively supported globally by D-Link. However, its susceptibility to remote exploitation poses significant security concerns for users. The attack chain consists of two steps: a crafted login request that bypasses authentication, followed by exploitation of a command injection vulnerability within the router’s operating system.
Despite multiple attempts by SSD to notify D-Link about the vulnerabilities over the past 30 days, the router maker remains unresponsive, leaving users exposed to potential attacks. In the absence of a security firmware update, users are advised to disable the device’s remote access management interface, so that the vulnerable management service is no longer reachable from the internet, to mitigate the risk of exploitation.