PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-5633 D-Link CVE debrief

CVE-2017-5633 is a HIGH-severity CSRF issue in the D-Link DI-524 Wireless Router firmware 9.01. According to NVD, crafted requests to CGI programs can let an attacker trigger admin-password changes, device reboots, and possibly other unspecified effects.

Vendor: D-Link
Product: CVE-2017-5633
CVSS: HIGH 8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-03-06
Original CVE updated: 2026-05-13
Advisory published: 2017-03-06
Advisory updated: 2026-05-13

Who should care

Organizations or individuals still operating D-Link DI-524 devices on firmware 9.01, especially if the router management interface is reachable from untrusted networks or used in small-office/home-office environments.

Technical summary

NVD classifies the issue as CWE-352 (Cross-Site Request Forgery) with CVSS 3.0 vector AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H. The vulnerability is described as multiple CSRF flaws affecting CGI programs on the router, enabling actions such as changing the administrator password or rebooting the device when a victim interacts with crafted requests.

Defensive priority

High for exposed or actively managed devices. Even though user interaction is required, the potential impact includes loss of administrative control and service disruption on a network edge device.

Recommended defensive actions

  • Confirm whether any D-Link DI-524 units are still in service and running firmware 9.01.
  • Restrict router administration to trusted networks only; avoid exposing the management interface to the public internet.
  • Apply any vendor-provided firmware fix if available for your device; if no supported fix exists, plan replacement of the legacy router.
  • Use separate, hardened administration paths and limit which users can access router management.
  • Monitor for unexpected admin-password changes, configuration drift, and unsolicited reboots on affected devices.

Evidence notes

The description and severity come from the supplied NVD record for CVE-2017-5633, which lists the affected CPE as d-link DI-524 firmware 9.01 and the weakness as CWE-352. The supplied record also provides the CVSS 3.0 vector AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H. Published date: 2017-03-06T06:59:00.257Z; modified date: 2026-05-13T00:24:29.033Z. No KEV listing is present in the supplied data.

Official resources

Publicly disclosed on 2017-03-06. The supplied NVD record was modified on 2026-05-13. No CISA KEV entry is included in the supplied data.