- Joined
- Nov 26, 2020
- Messages
- 714
In some models of D-Link wireless routers, a backdoor (CVE-2024-6045) has been identified that allows an unauthorized user from the local network to activate the telnet service on the device, which provides access to the system with administrator rights, using the username and password saved in the firmware. The service is enabled by accessing the device using a special URL that is accessible without passing authentication. The password can be determined by analyzing the contents of publicly available firmware. It is assumed that the backdoor was used to automate testing of devices during the production phase.
The issue affects the D-Link device models E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, and R32. The vulnerability is fixed in firmware update 1.10.01 for models G403, G415, G416, M18, R03, R04, R12, R18, firmware 1.10.02 for models E30, M30, M32, M60, R32 and in firmware 1.20.01 for models E15 and R15. 1.10.02 and 1.20.01.
The issue affects the D-Link device models E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, and R32. The vulnerability is fixed in firmware update 1.10.01 for models G403, G415, G416, M18, R03, R04, R12, R18, firmware 1.10.02 for models E30, M30, M32, M60, R32 and in firmware 1.20.01 for models E15 and R15. 1.10.02 and 1.20.01.