Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Alerts

Active Exploitation of Vulnerabilities in D-Link Routers

27 May 2024

There have been reports of active exploitation of vulnerabilities affecting D-Link DIR-600 and DIR-605 routers.

The vulnerabilities are:

CVE-2014-100005: Successful exploitation of the cross-site request forgery (CSRF) vulnerability could allow an attacker to hijack an existing administrator session and change router configurations.

CVE-2021-40655: Successful exploitation of the information disclosure vulnerability could allow an attacker to obtain login credentials by forging a POST request to an affected router's configuration page.

The vulnerabilities affect the following products:

  • DIR-600

  • DIR-605

  • DIR-605L

The affected D-Link products have reached End of Life (EOL). Users and administrators of affected EOL products are advised to retire and replace their devices with products that are supported by the manufacturer.

More information is available here:

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10393

Back to top