Backdoor Found in D-Link Routers

Security Vulnerability Discovered in Some D-Link Wireless Routers

In a recent disclosure, D-Link revealed a backdoor (CVE-2024-6045) present in some models of wireless routers. This backdoor allows an unauthorized user from the local network to enable the Telnet service, giving access to the system with administrator rights using login credentials stored in the firmware. The service can be activated by visiting a specific URL without requiring authentication. The password can be identified by analyzing the contents of the public firmware. It is suspected that the backdoor was initially used for automating testing during production.

The issue affects models such as D-Link E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, and R32. D-Link has addressed this vulnerability with firmware updates: 1.10.01 for models G403, G415, G416, M18, R03, R04, R12, and R18; 1.10.02 for models E30, M30, M32, M60, and R32; and 1.20.01 for models E15 and R15.
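
To check a fleet against the list above, the following added example (not D-Link's code) classifies devices from an inventory export. The `host,model,firmware` CSV layout and the sample rows are assumptions, as is comparing firmware versions component by component; M15 is reported separately because the text lists it as affected but gives no fixed version for it.

```python
import csv
import io

# Affected models and fixed firmware versions, as listed in the text above.
AFFECTED = set("E15 E30 G403 G415 G416 M15 M18 M30 M32 M60 "
               "R03 R04 R12 R15 R18 R32".split())
FIXED_IN = {
    "1.10.01": "G403 G415 G416 M18 R03 R04 R12 R18",
    "1.10.02": "E30 M30 M32 M60 R32",
    "1.20.01": "E15 R15",
}
FIXED = {m: v for v, models in FIXED_IN.items() for m in models.split()}

def parse_version(text):
    """'v1.10.01' -> (1, 10, 1); None if the string is not dotted-numeric."""
    parts = text.strip().lstrip("vV").split(".")
    return tuple(int(p) for p in parts) if all(p.isdigit() for p in parts) else None

def classify(model, firmware):
    """Return one status string for a single device."""
    tokens = model.split()
    name = tokens[-1].upper() if tokens else ""   # "D-Link R15" -> "R15"
    if name not in AFFECTED:
        return "not-listed"
    if name not in FIXED:
        return "no-fix-listed"      # affected, but no fixed version given above
    have = parse_version(firmware)
    if have is None:
        return "unknown-version"    # needs a manual check; never assume patched
    return "patched" if have >= parse_version(FIXED[name]) else "vulnerable"

def audit(csv_text):
    """Map each host in a host,model,firmware CSV to its status."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["host"]: classify(r["model"], r["firmware"]) for r in rows}

# Constructed sample inventory (hostnames and installed versions are made up).
SAMPLE_INVENTORY = """host,model,firmware
ap-lobby,D-Link R15,1.10.05
ap-lab,m30,1.10.02
ap-store,G416,v1.09.03
ap-annex,M15,1.10.01
ap-old,DIR-615,20.07
ap-odd,E30,unknown
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Devices reported as `vulnerable`, `unknown-version` or `no-fix-listed` are the ones to follow up on, since the backdoor is reachable from the local network without authentication.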
