CRITICAL🇵🇱 Wersja polska

CVE-2024-45697

CVSS 9.8v3.1pub. 2024-09-16upd. 2024-09-19

Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.

🤖 AI Analysis
How it works

The router's firmware contains a hidden mechanism that launches the telnet service when a connection on the WAN port is detected. This service uses hardcoded credentials that cannot be changed through the standard management interface. Remote attackers without any privileges can exploit these credentials to log in over the network and gain access to the device's system shell. This occurs without any user interaction and requires no special knowledge of device configuration.

Impact

Attacker gains full unauthorized access to the router's operating system, enabling execution of arbitrary OS commands — including modification of network configuration, interception of network traffic, installation of malicious software, and potential use of the device as an entry point to the internal network.

Mitigation & patch

Apply patches available from the manufacturer according to provided references. Until patches are deployed, it is recommended to restrict access to the router's WAN port and monitor unauthorized telnet connections. If the manufacturer has not released updates, consider device replacement or network isolation.

Who is affected

D-Link DIR-X4860 — specific firmware versions indicated in manufacturer references (TWCERT)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir X4860

    HW
    Dlink
    a1
  • Dlink Dir X4860 Firmware

    OS
    Dlink
    1.001.04
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-45694CRITICAL9.8PL ✓ten sam produkt

Stack-based Buffer Overflow w routerach D-Link DIR-X5460 umożliwiający RCE

CVE-2024-45695CRITICAL9.8PL ✓ten sam produkt

Stack-based Buffer Overflow w routerach D-Link DIR-X4860 umożliwiający RCE

CVE-2024-45698CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-X4860: command injection przez telnet z użyciem zakodowanych poświadczeń

CVE-2024-45696HIGH8.8ten sam produkt

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web...

CVE-2024-3272CRITICAL9.8⚠ KEVPL ✓ten sam vendor

D-Link DNS-320L/325/327L/340L — zakodowane na stałe poświadczenia (hard-coded credentials)