Description

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware.

INFO

Published Date :

2024-06-17T03:12:14.137Z

Last Modified :

2024-08-01T21:25:03.244Z

Source :

twcert
AFFECTED PRODUCTS

The following products are affected by CVE-2024-6045 vulnerability.

Vendors Products
Dlink
  • E15 Firmware
  • E30 Firmware
  • G403 Firmware
  • G415 Firmware
  • G416 Firmware
  • M18 Firmware
  • M30 Firmware
  • M32 Firmware
  • M60 Firmware
  • R03 Firmware
  • R04 Firmware
  • R12 Firmware
  • R15 Firmware
  • R18 Firmware
  • R32 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-6045.

URL Resource
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398 cve-icon cve-icon
https://www.twcert.org.tw/en/cp-139-7880-629f5-2.html cve-icon cve-icon
https://www.twcert.org.tw/tw/cp-132-7879-da630-1.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact