The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday incorporated three legacy security weaknesses affecting D-Link routers into its Known Exploited Vulnerabilities (KEV) catalog, citing proof of ongoing exploitation in the field.
The critical vulnerabilities, dating back to 2020 and 2022, are detailed below –

CVE-2020-25078 (CVSS score: 7.5) – An unidentified flaw in D-Link