CRITICAL🇵🇱 Wersja polska

CVE-2024-41610

CVSS 9.8v3.1pub. 2024-07-30upd. 2025-09-29

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands.

🤖 AI Analysis
How it works

The vulnerability consists of the presence of fixed, hard-coded credentials (CWE-798 – Use of Hard-coded Credentials) embedded in the firmware in the Telnet service. An attacker who knows these credentials (which may be publicly available or extractable from the firmware image) can remotely connect to the Telnet service on the device. After authentication, the attacker gains the ability to execute arbitrary system commands on the router. The attack requires no prior privileges or user interaction.

Impact

The attacker gains full remote access to the router's operating system with the ability to execute arbitrary commands, which may lead to complete device takeover, modification of network configuration, interception of network traffic, or use of the device as an entry point to the local network.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references (https://www.dlink.com/en/security-bulletin/). As a temporary measure, it is recommended to block access to the Telnet service on the firewall and restrict device access exclusively to trusted IP addresses. If firmware updates are not available, replacement of the device with a supported one should be considered.

Who is affected

D-Link DIR-820LW REVB with firmware version PATCH 2.03.B01_TC

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 820lw

    HW
    Dlink
    b1.0
  • Dlink Dir 820lw Firmware

    OS
    Dlink
    2.03
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-45382CRITICAL9.8⚠ KEVten sam produkt

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW...

CVE-2026-4499MEDIUM5.5ten sam produkt

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of the componen...

CVE-2024-3272CRITICAL9.8⚠ KEVPL ✓ten sam vendor

D-Link DNS-320L/325/327L/340L — zakodowane na stałe poświadczenia (hard-coded credentials)

CVE-2023-25280CRITICAL9.8⚠ KEVten sam vendor

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to roo...

CVE-2016-20017CRITICAL9.8⚠ KEVten sam vendor

D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli para...