CVE-2024-45697
CRITICALDescription
Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.
Is your site exposed to CVE-2024-45697?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dlink | dir-x4860_firmware |
| dlink | dir-x4860_firmware |
| dlink | dir-x4860 |
References
Frequently Asked Questions
What is CVE-2024-45697? +
How severe is CVE-2024-45697? +
What products are affected by CVE-2024-45697? +
How do I check if I'm vulnerable to CVE-2024-45697? +
Related Vulnerabilities
An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not …
Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized …
A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 …
The "update" binary in the firmware of the affected product sends attempts to mount to a hard-coded, routable IP address, …
Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located …
A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets …