Introduction

Once a product becomes End-of-Life (EoL), vendors tend to no longer maintain its firmware or software, including providing bug fixes and security patches. This makes EoL devices susceptible to attacks. For instance, a report showed that an EoL model with thousands of active devices was exploited to redirect web traffic for malicious purposes.
To shed light on the (in)security of EoL devices, our study performs the aliveness analysis and the vulnerability analysis. The first one aims to detect the scale of EoL devices that are still alive. The second one is to evaluate the vulnerabilities existing in EoL devices. To the best of our knowledge, this is the first systematic study of evaluating the security impact of EoL devices.
We applied our approach to 894 EoL models from D-Link, Tp-Link, and Netgear. This site shows the live data and vulnerabilities of EoL devices. You can find more information about our study in the paper.

2,170,316 Active EoL Devices
280 Vulnerabilities in EoL Devices
1,192,233 Vulnerable Active EoL Devices

Most Active Models

TL-WR740N
router
Tp-Link
None
386,766
0
Unknown
TL-WR720N
router
Tp-Link
None
191,165
0
Unknown
DCS-932L
internet camera
D-Link
2019-05-01
183,265
5
Medium
DCS-2330L
internet camera
D-Link
2020-03-01
153,967
1
Medium
DCS-930L
internet camera
D-Link
2018-10-31
141,827
6
High
DCS-935L
internet camera
D-Link
2020-03-31
126,238
2
High
DSL-2640B
router
D-Link
2013-05-05
125,608
10
High
DCS-2132L
internet camera
D-Link
2019-06-01
113,391
1
Medium
TD-8840T
router
Tp-Link
None
103,829
0
Unknown
TL-WR741ND
router
Tp-Link
None
58,692
0
Unknown

Number of Active EoL Devices

    * Because we added more EoL models on November 7, 2020, there is a boost of the active EoL devices.

Geographical Distribution of Active EoL Devices

Vulnerabilities List

Identifier Type Affected Version Risk Rank Exposed Date
- - - - -