Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-45696

Summary
Assigner-twcert
Assigner Org ID-cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
Published At-16 Sep, 2024 | 06:45
Updated At-16 Sep, 2024 | 13:44
Rejected At-
Credits

D-Link WiFi router - Hidden Functionality

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:twcert
Assigner Org ID:cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
Published At:16 Sep, 2024 | 06:45
Updated At:16 Sep, 2024 | 13:44
Rejected At:
▼CVE Numbering Authority (CNA)
D-Link WiFi router - Hidden Functionality

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.

Affected Products
Vendor
D-Link CorporationD-Link
Product
DIR-X4860 A1
Default Status
unaffected
Versions
Affected
  • 1.00
  • 1.04
Vendor
D-Link CorporationD-Link
Product
COVR-X1870
Default Status
unaffected
Versions
Affected
  • From 0 through 1.02 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-912CWE-912 Hidden Functionality
Type: CWE
CWE ID: CWE-912
Description: CWE-912 Hidden Functionality
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-36CAPEC-36 Using Unpublished Interfaces or Functionality
CAPEC ID: CAPEC-36
Description: CAPEC-36 Using Unpublished Interfaces or Functionality
Solutions

Update firmware of DIR-X4860 A1 to version 1.04B05 or later. Update frimware of COVR-X1870 to v1.03B01 or later.

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-8086-93ed5-1.html
third-party-advisory
https://www.twcert.org.tw/en/cp-139-8087-c3e70-2.html
third-party-advisory
Hyperlink: https://www.twcert.org.tw/tw/cp-132-8086-93ed5-1.html
Resource:
third-party-advisory
Hyperlink: https://www.twcert.org.tw/en/cp-139-8087-c3e70-2.html
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
D-Link Corporationdlink
Product
covr-x1870_firmware
CPEs
  • cpe:2.3:o:dlink:covr-x1870_firmware:*:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 through 1.02 (custom)
Vendor
D-Link Corporationdlink
Product
dir-x4860_firmware
CPEs
  • cpe:2.3:o:dlink:dir-x4860_firmware:*:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • 1.00
  • 1.04
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:twcert@cert.org.tw
Published At:16 Sep, 2024 | 07:15
Updated At:19 Sep, 2024 | 21:42

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
D-Link Corporation
dlink
>>covr-x1870_firmware>>Versions before 1.03b01(exclusive)
cpe:2.3:o:dlink:covr-x1870_firmware:*:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>covr-x1870>>*
cpe:2.3:h:dlink:covr-x1870:*:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>dir-x4860_firmware>>1.00
cpe:2.3:o:dlink:dir-x4860_firmware:1.00:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>dir-x4860_firmware>>1.04
cpe:2.3:o:dlink:dir-x4860_firmware:1.04:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>dir-x4860>>a1
cpe:2.3:h:dlink:dir-x4860:a1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-912Primarytwcert@cert.org.tw
CWE ID: CWE-912
Type: Primary
Source: twcert@cert.org.tw
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.twcert.org.tw/en/cp-139-8087-c3e70-2.htmltwcert@cert.org.tw
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-8086-93ed5-1.htmltwcert@cert.org.tw
Third Party Advisory
Hyperlink: https://www.twcert.org.tw/en/cp-139-8087-c3e70-2.html
Source: twcert@cert.org.tw
Resource:
Third Party Advisory
Hyperlink: https://www.twcert.org.tw/tw/cp-132-8086-93ed5-1.html
Source: twcert@cert.org.tw
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

207Records found
CVE-2024-44382
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.68% / 70.66%
||
7 Day CHG~0.00%
Published-23 Aug, 2024 | 00:00
Updated-26 Aug, 2024 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgrade_filter_asp function.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di_8004w_firmwaredi_8004wn/adi-8004w_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-44334
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.37% / 57.96%
||
7 Day CHG~0.00%
Published-09 Sep, 2024 | 00:00
Updated-09 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution due to insufficient parameter filtering in the CGI handling function of upgrade_filter.asp.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-n/adi-7400g\+v2_firmwaredi-7003gv2_firmwaredi-7200gv2_firmwaredi-7100gv2_firmwaredi-7100g\+v2_firmwaredi-7003g_firmwaredi-7200g\+v2_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-44335
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.12% / 32.31%
||
7 Day CHG~0.00%
Published-09 Sep, 2024 | 00:00
Updated-09 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution (RCE) via version_upgrade.asp.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-n/adi-7400g\+v2_firmwaredi-7003gv2_firmwaredi-7200gv2_firmwaredi-7100gv2_firmwaredi-7100g\+v2_firmwaredi-7003g_firmwaredi-7200g\+v2_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-27248
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.66% / 70.13%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 15:45
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10932.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-2020dap-2020_firmwareDAP-2020
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-20132
Matching Score-8
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-8
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-0.47% / 63.61%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 21:30
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router (i.e., as the "admin" user, UID 0).

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-2640-usdir-2640-us_firmwareQuagga Services on D-Link DIR-2640 Routers
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-33343
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-7.87% / 91.67%
||
7 Day CHG~0.00%
Published-26 Apr, 2024 | 00:00
Updated-02 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-n/adir-822_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-45697
Matching Score-6
Assigner-TWCERT/CC
ShareView Details
Matching Score-6
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 65.40%
||
7 Day CHG~0.00%
Published-16 Sep, 2024 | 06:48
Updated-19 Sep, 2024 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link WiFi router - Hidden Functionality

Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-x4860_firmwaredir-x4860DIR-X4860 A1dir-4860_a1
CWE ID-CWE-912
Hidden Functionality
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found