CVE-2024-45698
published 2024-09-16CVE-2024-45698: Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | dir-x4860_a1 | — | — |
| d-link | dir-x4860_a1 | — | — |
| dlink | dir-x4860_firmware | — | — |
| dlink | dir-x4860_firmware | — | — |