Millions of D-Link Routers Contain Built-In Backdoor

In several models of D-Link wireless routers, a critical vulnerability is found that allows attackers without authentication to get administrative access to devices. Vulnerability cve-2024-6045 has a high level of hazard with an estimate of 8.8 on the CVSS.

According to Twcert representatives, the problem is caused by unsolved built-in tested backdare In specific models of D-Link routers. Attackers can activate the Telnet service using a certain URL, as well as get the administrator’s accounting data, analyzing the firmware of the router. A successful attack gives full control over a compromised device.

The list of vulnerable models of routers includes: E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, R32.

D-Link released the firmware updates to eliminate this vulnerability. Users of these models are recommended to urgently update the firmware to the latest version to protect against potential operation of vulnerability.

Actual safe version of the firmware for each touched model is indicated below:

  • Models G403, G415, G416, M18, R03, R04, R12, R18: version 1.10.01 and more fresh;
  • E30, M30, M32, M60, R32: version and more fresh;
  • model E15, R15: version 1.20.01 and more fresh.

Users must immediately apply these firmware updates to protect their devices from attacks. Regular verification and updating of the firmware of routers is an important measure to ensure the safety of network devices.

/Reports, release notes, official announcements.