.webp "Hidden Vulnerability in D-Link Routers Allows Attacker to Login as Admin")
A critical vulnerability has recently come to light in various models of D-Link wireless routers, potentially putting users at risk of unauthorized access by attackers who could gain administrative control over the devices without authentication. The vulnerability identified as CVE-2024-6045 has been assigned a CVSS score of 8.8, highlighting its high severity level.
Twcert, a trusted source for cybersecurity news, has reported that the vulnerability is linked to a factory testing backdoor present in specific D-Link router models. This loophole enables attackers within the local network to manipulate the devices into activating the Telnet service by simply accessing a specific URL. Through further analysis of the firmware, these attackers can acquire administrator credentials, ultimately obtaining full control over the compromised router.
The affected D-Link router models include E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, and R32. Users of these models are strongly urged to safeguard their devices by updating the firmware to the latest version provided by D-Link. The company has promptly responded to the issue by releasing firmware updates to address this critical vulnerability.
To mitigate the risk of exploitation, users must adhere to specific guidelines for updating their router firmware based on the affected models as follows:
– Models G403, G415, G416, M18, R03, R04, R12, R18 should be updated to firmware version 1.10.01 or later
– Models E30, M30, M32, M60, R32 should be updated to firmware version 1.10.02 or later
– Models E15, R15 should be updated to firmware version 1.20.01 or later
Security researcher Raymond was the first to uncover and report this vulnerability, prompting D-Link to acknowledge the issue and take necessary steps to provide solutions through firmware updates. It is crucial for users to promptly apply these updates to shield their routers from potential security threats that could compromise their networks.
Regularly checking for and implementing firmware updates is always recommended to bolster the security of network devices. By staying vigilant and proactive in protecting their routers, users can safeguard themselves against potential cyber threats. In an evolving digital landscape, it is essential to prioritize cybersecurity measures to prevent unauthorized access and data breaches.