<\/div>\n

D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials.<\/h2>\n\n\n\n

D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694<\/strong><\/a>, CVE-2024-45695<\/strong><\/a>, CVE-2024-45697<\/strong><\/a><\/gwmw>, impacting three wireless router models. The flaws can allow attackers to remotely execute arbitrary code or access the devices using hardcoded credentials.<\/p>\n\n\n\n

The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696<\/strong><\/a> and CVE-2024-45698<\/strong><\/a>.<\/p>\n\n\n\n

On June 8, 2021, the TWCERT reported the vulnerabilities in D-Link DIR-X5460 to the company.<\/p>\n\n\n\n

“When D-Link became aware of the reported security issues, we promptly started investigating and developing security patches. The third-party publicly disclosed the problem before the patches were available on our standard 90-day security patch release schedule.” reads the advisory<\/strong><\/a>. “We do not recommend that security researchers act in this manner, as they expose end-users to further risks without patches being available from the manufacturer.”<\/p>\n\n\n\n

Below are the descriptions of the issues addressed by D-Link:<\/p>\n\n\n\n

CVE-2024-45694<\/strong><\/a>\u00a0(9.8 critical): The issue is a stack-based buffer overflow in the web service of certain models of D-Link wireless routers. Unauthenticated remote attackers could exploit this vulnerability to execute arbitrary code on the device. The issue impacts:<\/p>\n\n\n\n

\n
• DIR-X5460 A1 frimware version 1.01, 1.02, 1.04, 1.10<\/li>\n\n\n\n
• DIR-X4860 A1 firmware version 1.00, 1.04<\/li>\n<\/ul>\n\n\n\n

  CVE-2024-45695<\/strong><\/a>\u00a0(9.8 critical): The issue is a stack-based buffer overflow in the web service of certain models of D-Link wireless routers. Unauthenticated remote attackers could exploit this vulnerability to execute arbitrary code on the device. The issue impacts:<\/p>\n\n\n\n

  CVE-2024-45697<\/strong><\/a>\u00a0(9.8 critical): Certain D-Link router models have a hidden feature that enables the telnet service when the WAN port is connected. This allows unauthorized remote attackers to log in and execute OS commands using hard-coded credentials. The issue impacts:<\/gwmw><\/p>\n\n\n\n

  \n
  • DIR-X4860 A1 firmware version 1.00, 1.04<\/gwmw><\/li>\n<\/ul>\n\n\n\n

    CVE-2024-45696<\/strong><\/a>\u00a0(8.8 high): Certain D-Link router models have hidden functionality that allows attackers to enable the telnet service by sending specific packets to the web service. Once enabled, attackers can log in using hard-coded credentials, but the telnet access is limited to the local network. The issue impacts:<\/p>\n\n\n\n

    \n
    • DIR-X4860 A1 firmware version 1.00, 1.04.<\/li>\n\n\n\n
    • COVR-X1870 firmware version v1.02 and earlier.<\/li>\n<\/ul>\n\n\n\n

      CVE-2024-45698<\/strong><\/a>\u00a0(8.8 high): Certain D-Link router models have a vulnerability in the telnet service that allows unauthenticated remote attackers to log in using hard-coded credentials and execute arbitrary OS commands due to improper input validation. The issue impacts:<\/p>\n\n\n\n

      \n
      • DIR-X4860 A1 firmware version 1.00, 1.04<\/gwmw><\/gwmw><\/gwmw><\/li>\n<\/ul>\n\n\n\n

        The company addressed the vulnerabilities in the security bulletin<\/a> in the versions v1.03B01 for COVR-X1870, v1.04B05 for DIR-X4860, and DIR-X5460A1_V1.11B04 for DIR-X5460.<\/p>\n\n\n\n

        The Taiwanese manufacturer did not reveal if one of the issues in the security bulletin has been actively exploited in attacks in the wild.<\/p>\n\n\n\n

        Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/strong><\/a><\/p>\n\n\n\n

        Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n

        (<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, RCE)\u00a0<\/strong><\/gwmw><\/gwmw><\/p>\n","protected":false},"excerpt":{"rendered":"

        D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694, CVE-2024-45695, CVE-2024-45697, impacting three wireless router models. The flaws can allow attackers to remotely execute arbitrary code or access the devices using hardcoded credentials. […]<\/p>\n","protected":false},"author":1,"featured_media":95928,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,4966,55],"tags":[1382,4112,9508,9506,1693,10918,687,4594,841,1533],"class_list":["post-168471","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-iot","category-security","tag-d-link","tag-hacking","tag-hacking-news","tag-information-security-news","tag-iot","tag-it-information-security","tag-pierluigi-paganini","tag-rce","tag-security-affairs","tag-security-news"],"yoast_head":"\n