Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45698 | 1 Dlink | 2 Dir-x4860, Dir-x4860 Firmware | 2024-10-15 | N/A | 9.8 CRITICAL |
| Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device. | |||||
| CVE-2024-45696 | 1 Dlink | 4 Covr-x1870, Covr-x1870 Firmware, Dir-x4860 and 1 more | 2024-09-19 | N/A | 8.8 HIGH |
| Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device. | |||||
| CVE-2024-45697 | 1 Dlink | 2 Dir-x4860, Dir-x4860 Firmware | 2024-09-19 | N/A | 9.8 CRITICAL |
| Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials. | |||||
| CVE-2024-45695 | 1 Dlink | 2 Dir-x4860, Dir-x4860 Firmware | 2024-09-17 | N/A | 9.8 CRITICAL |
| The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device. | |||||
| CVE-2024-45694 | 1 Dlink | 4 Dir-x4860, Dir-x4860 Firmware, Dir-x5460 and 1 more | 2024-09-17 | N/A | 9.8 CRITICAL |
| The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device. | |||||