If you have an old D-Link DIR-865-L Wi-Fi router you should update its firmware immediately. Better yet, ditch the unit and replace it with one of the best wireless routers available.

The DIR-865-L, first released in 2012, has at least six serious security flaws, and D-Link has no plans to fix three of them.

"The product has reached End of Life (EoL)/EoS (End of Support) and there will be no further extended support or development," a recent D-Link support announcement said of the DIR-865-L router. D-Link recommends that this product be retired and any further use of this product may pose a risk to the devices connected to this product and to the end users connected to this product."

This is D-Link's standard policy for older devices; in fall 2019, a similar flaw was found in more than a dozen other D-Link routers, none of which the company said it would patch.

Like many of these routers last fall, we are a bit miffed that the D-Link DIR-865-L is still available at numerous online outlets including Amazon and NewEgg; buying a router that is more than five years old is not advisable, as it is not a good idea to buy a router that is more than five years old, as it is not a good idea to buy one that is more than five years old.

Palo Alto Networks Unit 42 discovered these six flaws in February and notified D-Link. After the standard 90-day disclosure period expired and D-Link stated its position, Palo Alto published its findings.

Using the Unit 42 description, the flaws involved cross-site request forgery (CSRF), insufficient encryption strength, plaintext storage of sensitive information, improper invalidation of special elements used in commands (command injection), predictable seeding of pseudo-random number generators and the transmission of sensitive information in plaintext.

The D-Link firmware update fixes only the first three. An attacker would need to get at least within range of the router's Wi-Fi network to exploit any of these flaws, which is not difficult, even in an apartment or suburban neighborhood.

Palo Alto warns that these problems may not be limited to this model.

"Some of these vulnerabilities may also be present in newer models of routers," the Unit 42 report states.

Again, if you have a D-Link DIR-865-L, please consider purchasing a new router. you would think that a Wi-Fi router would last for years, but in reality it is just like any other electronic device. by the time it reaches its seventh or eighth year, it is time to seriously It's time to consider it.

D-Link feels the same way. This is from the U.S. version of the support announcement, but it applies worldwide: "If a U.S. consumer continues to use the product contrary to D-Link's recommendations,https://legacy.us.dlink.com/,からの最新のファームウェアがインストールされていることを確認し、デバイスのウェブ設定にアクセスするための固有のパスワードを頻繁に更新し、常に固有のパスワードでWiFI暗号化を有効にしていることを確認してください。"

to the device.

To update the firmware, you must have a functioning Internet connection that passes through the router's management interface. We found detailed instructions for updating the firmware on the D-Link DIR-865-L on D-Link's Canadian support website.