D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands.
The vulnerability consists of the presence of fixed, hard-coded credentials (CWE-798 – Use of Hard-coded Credentials) embedded in the firmware in the Telnet service. An attacker who knows these credentials (which may be publicly available or extractable from the firmware image) can remotely connect to the Telnet service on the device. After authentication, the attacker gains the ability to execute arbitrary system commands on the router. The attack requires no prior privileges or user interaction.
The attacker gains full remote access to the router's operating system with the ability to execute arbitrary commands, which may lead to complete device takeover, modification of network configuration, interception of network traffic, or use of the device as an entry point to the local network.
Patches available from the manufacturer should be applied according to the references (https://www.dlink.com/en/security-bulletin/). As a temporary measure, it is recommended to block access to the Telnet service on the firewall and restrict device access exclusively to trusted IP addresses. If firmware updates are not available, replacement of the device with a supported one should be considered.
D-Link DIR-820LW REVB with firmware version PATCH 2.03.B01_TC
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Dir 820lw
HWDlinkb1.0Dlink Dir 820lw Firmware
OSDlink2.03
Related vulnerabilities
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW...
A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of the componen...
D-Link DNS-320L/325/327L/340L — zakodowane na stałe poświadczenia (hard-coded credentials)
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to roo...
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli para...