Responsible Security Issue Reporting and Response

D-Link considers its device system and systems security of utmost importance across all its product lines, including networking, surveillance, storage, and entertainment solutions. 

D-Link globally, and specifically within the United States, maintains a secure development program across our supply chain and a reasonable response process to security threats as we become aware of them.

D-Link Support Announcements, which can be found at https://support.dlink.com under “Recent Announcements,” are published in regards to security issues that directly involve D-Link products and require an upgrade, fix, or other customer action.

In all security publications, D-Link discloses the minimum amount of information necessary for an end-user to assess the impact of a security risk and any potential steps needed to protect their environment. We try to provide links to the third-party author of verified security issues for accreditation and responsible disclosure. However, D-Link does not provide details that could enable someone to craft an exploit.

Our goal for products in the U.S. that are inactive and/or have reached the end of their selling lifecycle is meet a 90-day verify-patch-disclose cycle. Response time and resolution time for security issues may differ based on a product’s lifecycle, the number of affected models and revisions, and the third-party software components that are licensed but not directly developed by D-Link.

 

For security incident reports or security question regarding D-Link Devices or D-Link system please use: security@dlink.com

Please request our PGP key for encryption if you prefer to submit via PGP Encrypted email.

To learn more about our EOL policy, please click here.