CVE-2024-6045

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 17, 2024

CWE ID 912

CWE ID 798

Summary

CVE-2024-6045 reveals a hidden backdoor in certain D-Link wireless routers, allowing unauthenticated attackers on the local network to enable Telnet service via a specific URL. After gaining this access, they can use the hardcoded administrator credentials, which have been discovered through firmware analysis, to log in and potentially gain further control over the device. This vulnerability poses a significant risk, particularly in unsecured networks, and underscores the importance of timely firmware updates and strong network security practices.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wgnOGE
https://www.cve.org/CVERecord?id=CVE-2024-6045
https://nvd.nist.gov/vuln/detail/CVE-2024-6045

Back to Vulnerability Database

CVE-2024-6045

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations