Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-8090-bf06b-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
19 Sep 2024, 21:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:dlink:dir-x4860_firmware:1.00:*:*:*:*:*:*:* cpe:2.3:o:dlink:dir-x4860_firmware:1.04:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-x4860:a1:*:*:*:*:*:*:* |
|
First Time |
Dlink
Dlink dir-x4860 Dlink dir-x4860 Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | () https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html - Third Party Advisory | |
References | () https://www.twcert.org.tw/tw/cp-132-8090-bf06b-1.html - Third Party Advisory | |
CWE | CWE-798 |
16 Sep 2024, 15:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Sep 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-16 07:15
Updated : 2024-10-15 10:15
NVD link : CVE-2024-45698
Mitre link : CVE-2024-45698
CVE.ORG link : CVE-2024-45698
JSON object : View
Products Affected
dlink
- dir-x4860_firmware
- dir-x4860