CVE-2024-6045
published 2024-06-17CVE-2024-6045: Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the…
high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | e15 | >= earlier < 1.20.01 | 1.20.01 |
| d-link | e30 | >= earlier < 1.10.02 | 1.10.02 |
| d-link | g403 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | g415 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | g416 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | m18 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | m30 | >= earlier < 1.10.02 | 1.10.02 |
| d-link | m32 | >= earlier < 1.10.02 | 1.10.02 |
| d-link | m60 | >= earlier < 1.10.02 | 1.10.02 |
| d-link | r03 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | r04 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | r12 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | r15 | >= earlier < 1.20.01 | 1.20.01 |
| d-link | r18 | >= earlier < 1.10.01 | 1.10.01 |
| d-link | r32 | >= earlier < 1.10.02 | 1.10.02 |