How To Address Security Bugs In Your Old Router

How To Address Security Bugs In Your Old Router
Photo: <a href="https://www.shutterstock.com/image-photo/new-black-wifi-router-two-antennas-69688978?src=a952945d-4744-4d31-aece-ba0548209d5b-1-14">Shutterstock</a>

If an attacker manages to access your D-Link router’s login screen, and your router is old enough, it’s possible that they can take control of the router, inject it with code, and use it to attack other connected systems and devices. And the best part? D-Link is fully aware of these issues, but it isn’t planning to fix the affected routers because they are too old.

It’s a common issue in the world of wireless networking. And while D-Link provides us with the latest example, unpatched vulnerabilities in older routers can affect devices from any manufacturer.

As for D-Link’s issue, which we were alerted to by ThreatPost, the vulnerability applies to any of the following D-Link routers:

  • DIR-866

  • DIR-655

  • DIR-1565

  • DIR-652

  • DAP-1533

  • DGL-5500

  • DIR-130

  • DIR-330

  • DIR-615

  • DIR-825

  • DIR-835

  • DIR-855L

  • DIR-862

Your router is vulnerable. Now what?

Are these kind of announcements scary enough that you should break open the piggy bank and use your vacation fund to buy a new router? I’m on the fence about that.

If you’re still using an antiquated wireless-n router, like D-Link’s DIR-615, it’s probably time to upgrade to something more modern. You can get a great wireless-ac router for under $60, which should give most new smartphones and laptops you have an even stronger wireless connection. (That might not matter much in your everyday life if you’re paying for slow internet speeds, but at least you’ll be able to have a solid browsing experience at a potentially longer range.)

I recommend buying a new router that’s fairly new, too, to ensure that its manufacturer will continue to support it for the next few years. To help you make an informed decision, research a manufacturer’s end-of-life policies if they make those available (like D-Link, for example). This is important, since you don’t want to be in the same boat again—dealing with vulnerabilities a company won’t patch—because you “upgraded” to an older router

But I don’t want to buy a new router

If your older router isn’t giving you any grief, and you find that your wireless connection is everything you need for where you live, the best way to stay secure is to make sure you’re using the latest firmware you can find for your router. You might even consider a third-party firmware like DD-WRT or OpenWrt, if these can plug any security holes your manufacturer refuses to fix.

You’re also going to want to make sure that your router’s web-based administration screen, if it has one, is protected with a strong password—one that you don’t use with other services. And I can’t stress this enough: Turn off remote management on your router. Not all routers have this feature, and it’s not usually enabled by default if they do, but you shouldn’t be using it, period.

D-Link" loading="lazy" > Screenshot: D-Link

Similarly, if your router uses UPNP, lets you access it from afar via SSH, or has some kind of built-in FTP server, you should probably turn those services off, too. WPS, too, as well as any kind of cloud-based management. And make sure you’re using WPA2 encryption for your Wi-Fi password. If you’re still using WEP, or your router doesn’t even offer WPA2, it’s time to change that (or upgrade).

Beyond that, make sure you’re practicing common sense while you navigate the web. I doubt you’ll encounter code that exploits your router’s vulnerability while you’re chatting with friends on Facebook, but maybe spending your time hunting sketchy sites to find hacked games or applications isn’t a great idea. Keep your connected devices’ firmware, software, and virus/malware scanning updated, too, just in case—but that should be something you’re doing anyway, vulnerable router or not.

Remember, you can probably turn your old router into an access point and get even better Wi-Fi coverage throughout your house, so it’s not like buying a new router means your old router is going to the great recycling pile in the sky. Even if you don’t need or want to set up a secondary access point, it never hurts to have a backup for when a new router dies unexpectedly.

Log in to comment on this story!