go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

D-Link router - Hidden Backdoor

TVN ID TVN-202406013
CVE ID CVE-2024-6045
CVSS 8.8 (High)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, R32
Description Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware.
Solution Please update firmware of following models to 1.10.01 or later version:
G403, G415, G416, M18, R03, R04, R12, R18

Please update firmware of following models to 1.10.02 or later version:
E30, M30, M32, M60, R32

Please update firmware of following models to 1.20.01 or later version:
E15, M15, R15
Credit raymond
Public Date 2024-06-17
Top