D-Link Dir-X4860 A1 vulnerabilities
5 known vulnerabilities affecting d-link/dir-x4860_a1.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-45697CRITICALCVSS 9.8v1.00v1.042024-09-16
CVE-2024-45697 [CRITICAL] CWE-912 CVE-2024-45697: Certain models of D-Link wireless routers have a hidden functionality where the telnet service is en
Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.
cvelistv5nvd
CVE-2024-45698CRITICALCVSS 9.8v1.00v1.042024-09-16
CVE-2024-45698 [CRITICAL] CWE-78 CVE-2024-45698: Certain models of D-Link wireless routers do not properly validate user input in the telnet service,
Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.
cvelistv5nvd
CVE-2024-45695CRITICALCVSS 9.8v1.00v1.042024-09-16
CVE-2024-45695 [CRITICAL] CWE-121 CVE-2024-45695: The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
cvelistv5nvd
CVE-2024-45694CRITICALCVSS 9.8v1.00v1.042024-09-16
CVE-2024-45694 [CRITICAL] CWE-121 CVE-2024-45694: The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
cvelistv5nvd
CVE-2024-45696HIGHCVSS 8.8v1.00v1.042024-09-16
CVE-2024-45696 [HIGH] CWE-912 CVE-2024-45696: Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets
Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.
cvelistv5nvd