Should I disable the wpad.dlink?

270    Asked by AndreaBailey in Cyber Security, asked on Sep 23, 2022

I have recently read very bad things about the WPAD vulnerability, for example here nakedsecurity.sophos.com/2016/05/25/when-domain-names-attack-the-wpad-name-collision-vulnerability/ (article from 2016) or here blog.redteam.pl/2019/05/badwpad-dns-suffix-wpad-wpadblocking-com.html (article from 2019). How do I defend against it? If I only use wifi from my home network, am I also at risk? Should I disable it?

Answered by Aryan Tandon

No, you should not disable the wpad.dlink.

You are not supposed to run your HOME/Enterprise network under a valid internet subdomain name. Depending on your ISP, your computer should have received from the DHCP server parameters giving it an FQDN like mylovelyPC.ISPName.loc. or something like that. If you are running an Enterprise network, you are either using split-brain DNS (e.g. your contoso.com enterprise network is not using the same DNS server and zones on the inner side and the outer side), or two different domains (contoso.loc for the LAN and contoso.com for internet-facing servers). All these attacks rely on the fact that the PC is using an FQDN which is a subdomain of a REAL internet domain and that the LOCAL DNS is unable to respond to WPAD host queries.

Example: You named your network contoso.org.uk; PCs will search for wpad.contoso.org.uk (should reply), wpad.org.uk (you do not control that one), wpad.uk (you do not control that one either). So, if your IT mis-configured your enterprise DNS configuration, you may be at risk IF someone manages to register wpad.uk or wpad.org.uk. Looks like there are a lot of people in Poland (.pl) who run mis-configured DNS infrastructure. 8) By the way, on Windows DNS Servers, the option to block has been there for 10 years, is enabled by default and is called globalQueryBlockList.

Example: dnscmd /info /enableglobalqueryblocklist
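The answer above describes two things: the suffix walk a client performs when looking for wpad (wpad.contoso.org.uk, then wpad.org.uk, then wpad.uk) and the GlobalQueryBlockList on Windows DNS that refuses to answer for the wpad host label. The following script is an added illustration of both, not code from the original post. It models the suffix walk in simplified form (strip one label at a time; the real Windows devolution rules are more involved), uses a small constructed set of public suffixes in place of a real public-suffix list, and simulates the block list with a hypothetical AuthServer class holding constructed records, so it runs offline and lets a defender audit which wpad names for a given FQDN escape the zones they control.

```python
"""Audit of WPAD suffix-walk exposure plus a GlobalQueryBlockList-style
authoritative server.  Added example, not from the original Q&A; the
devolution rule, the public-suffix sample and the DNS records are all
simplified or constructed for illustration."""

from dataclasses import dataclass, field

# Constructed sample of registrable public suffixes; a real audit would use
# the full public suffix list (publicsuffix.org).
PUBLIC_SUFFIXES = {"uk", "org.uk", "co.uk", "com", "org", "pl", "com.pl"}


def wpad_candidates(fqdn: str, min_labels: int = 1) -> list[str]:
    """Return the wpad.<suffix> names a client tries as its DNS suffix devolves.

    fqdn:       the host's fully qualified name, e.g. 'pc1.contoso.org.uk'
    min_labels: stop when the remaining suffix has this many labels
                (1 reproduces the answer's walk down to wpad.uk)
    Simplified model: drop the host label, then strip one leading label per step.
    """
    suffix = fqdn.rstrip(".").split(".")[1:]
    names = []
    while len(suffix) >= min_labels:
        names.append("wpad." + ".".join(suffix))
        suffix = suffix[1:]
    return names


def in_controlled_zone(name: str, controlled_zones: set[str]) -> bool:
    """True if name is at or below a zone the organisation's own DNS is authoritative for."""
    n = name.rstrip(".").lower()
    return any(n == z or n.endswith("." + z) for z in (z.lower() for z in controlled_zones))


def audit_wpad_exposure(fqdn: str, controlled_zones: set[str]) -> dict[str, list[str]]:
    """Classify each candidate name: answered by our own DNS, registrable by a
    third party on the public internet, or not resolvable anywhere (e.g. .loc)."""
    report = {"controlled": [], "registrable_by_others": [], "unresolvable": []}
    for cand in wpad_candidates(fqdn):
        suffix = cand.split(".", 1)[1].lower()
        if in_controlled_zone(cand, controlled_zones):
            report["controlled"].append(cand)
        elif suffix in PUBLIC_SUFFIXES:
            report["registrable_by_others"].append(cand)
        else:
            report["unresolvable"].append(cand)
    return report


@dataclass
class AuthServer:
    """Minimal authoritative DNS server (hypothetical, for illustration).
    zones maps a zone name to {host label: A record}.  block_list mirrors the
    Windows DNS GlobalQueryBlockList, which defaults to wpad and isatap."""
    zones: dict[str, dict[str, str]]
    block_list: set[str] = field(default_factory=lambda: {"wpad", "isatap"})
    enabled: bool = True

    def resolve(self, name: str):
        """Return the A record, or None when the name is unknown, blocked, or
        outside every zone we are authoritative for (where a real server would
        forward the query to the public DNS)."""
        n = name.rstrip(".").lower()
        for zone, records in self.zones.items():
            zone = zone.lower()
            if n == zone or n.endswith("." + zone):
                host = "" if n == zone else n[: -len(zone) - 1]
                if self.enabled and host in self.block_list:
                    return None  # refused even if a rogue record was registered
                return records.get(host)
        return None


if __name__ == "__main__":
    for fqdn, zones in [("pc1.contoso.org.uk", {"contoso.org.uk"}),
                        ("mylovelyPC.ISPName.loc", set())]:
        print(fqdn, audit_wpad_exposure(fqdn, zones))
    srv = AuthServer(zones={"contoso.org.uk": {"wpad": "10.0.0.66", "intranet": "10.0.0.5"}})
    print("wpad with block list on :", srv.resolve("wpad.contoso.org.uk"))
    srv.enabled = False
    print("wpad with block list off:", srv.resolve("wpad.contoso.org.uk"))
```

Running it shows that for pc1.contoso.org.uk only the first candidate is answered locally while wpad.org.uk and wpad.uk could be registered by anyone, whereas the ISP-style .loc suffix from the answer produces names nobody can register. The AuthServer part shows why a server with the block list enabled answers nothing for the wpad label even when a record exists, so an organisation that wants to serve WPAD from its own zone has to decide that deliberately rather than rely on a stray registration.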
