← volver
CVE-2024-45696

D-Link WiFi router - Hidden Functionality

CVSS 8.8 HIGHEPSS 0.6%CWE-912
Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
D-Link · COVR-X1870D-Link · DIR-X4860 A1

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.twcert.org.tw/en/cp-139-8087-c3e70-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8086-93ed5-1.html