D-Link has released firmware patches for five vulnerabilities — three classified as critical — affecting its Wi-Fi 6 routers COVR-X1870, DIR-X4860, and DIR-X5460. The flaws enable remote code execution and unauthorized access via hardcoded credentials. D-Link confirmed that some vulnerabilities were publicly disclosed before patches were available, creating an exposure window for unpatched devices.
Vulnerabilities in COVR-X1870, DIR-X4860, and DIR-X5460
The D-Link security bulletin identifies five bugs across the three models, with three rated critical. The critical-severity issues include remote code execution and access through hardcoded credentials — both represent complete compromise scenarios where an attacker can gain full control of the router without requiring any authentication from the legitimate owner. D-Link has not published individual CVE identifiers for each flaw in the bulletin, but the disclosure of some vulnerabilities prior to patch release indicates they were in scope for external researchers.
Patched Firmware Versions
- COVR-X1870: firmware version 1.03B01
- DIR-X4860: firmware version 1.04B05
- DIR-X5460: firmware version DIR-X5460A1_V1.11B04
Firmware updates are available through the D-Link support portal. D-Link states it is not aware of active exploitation at the time of disclosure, but given that some vulnerabilities were publicly known before the patch release, that status should not be assumed to hold for long after publication.
Home and SMB Users Running These D-Link Wi-Fi 6 Models
The DIR-X4860 and DIR-X5460 are positioned as high-performance Wi-Fi 6 routers for home offices and small businesses; the COVR-X1870 is a mesh system marketed for whole-home coverage. Users running these models on firmware versions below the patched releases are exposed to remote code execution and hardcoded credential access from any network-adjacent attacker — and potentially from the internet if the router’s management interface is exposed externally.
How to Apply the D-Link Firmware Patch
- Log in to your router’s web interface (typically 192.168.0.1 or 192.168.1.1) and check the current firmware version under the Status or System Information section.
- Download the appropriate patched firmware for your model from the D-Link support portal and apply it through the router’s firmware update page.
- After updating, verify the firmware version has changed to the patched release.
- Change the router admin password if it remains at the factory default — hardcoded credentials vulnerabilities are partially mitigated when the admin password has been changed, though a full firmware update is still required.
- Disable remote management (WAN-side admin access) if not actively used — this reduces the attack surface for any future vulnerabilities.
D-Link’s history with router vulnerabilities makes timely patching particularly important: the company has faced repeated disclosures of critical flaws in its product lines, and several older D-Link models have reached end-of-life without receiving security updates. Users of affected models should apply the current patches promptly and check D-Link’s support page to confirm their specific hardware revision is covered.
