CRITICAL🇵🇱 Wersja polska

CVE-2024-41616

CVSS 9.8v3.1pub. 2024-08-06upd. 2024-08-07

D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.

🤖 AI Analysis
How it works

The router firmware contains hardcoded login credentials for the Telnet service that the user cannot change or remove. An attacker with network access to the device can exploit these known credentials to log in without any prior authorization. Since the attack requires no privileges, user interaction, or special conditions, the vulnerability is exceptionally easy to exploit.

Impact

An attacker can gain full, unauthorized access to the device with administrative privileges, enabling modification of network configuration, eavesdropping on network traffic, and leveraging the device as an entry point for further attacks on internal infrastructure.

Mitigation & patch

Apply patches available from the manufacturer according to the references. As an immediate remedial action, it is recommended to block access to the Telnet service at the firewall level and restrict access to the device management interface exclusively to trusted IP addresses. If the manufacturer does not provide updates, consider replacing the device with a supported alternative.

Who is affected

D-Link DIR-300 REVA with firmware version v1.06B05_WW

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 300

    HW
    Dlink
    a
  • Dlink Dir 300 Firmware

    OS
    Dlink
    1.06b05_ww
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2013-10069CRITICAL10.0PL ✓ten sam produkt

D-Link DIR-300/DIR-600 — nieuwierzytelniony OS command injection w command.php

CVE-2013-10048CRITICAL9.3PL ✓ten sam produkt

D-Link DIR-300/DIR-600: nieuwierzytelniony command injection z uprawnieniami root

CVE-2023-31814CRITICAL9.8ten sam produkt

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.

CVE-2013-7471CRITICAL9.8ten sam produkt

An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17...

CVE-2013-10050HIGH8.7ten sam produkt

An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and ...