Thursday, December 5, 2024
HomeCVE/vulnerabilityCritical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

Published on

SIEM as a Service

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher Raymond identified these vulnerabilities, which have been assigned multiple CVE IDs and pose severe threats to users worldwide.

D-Link has issued urgent firmware updates to mitigate these risks. Users are strongly advised to update their devices immediately to protect against potential exploits.

CVE-2024-45694: Stack-based Buffer Overflow

The first vulnerability, CVE-2024-45694, affects the DIR-X5460 A1 and DIR-X4860 A1 models of D-Link routers. In their web service, this flaw is classified as a stack-based buffer overflow vulnerability. With a CVSS score of 9.8, it is deemed critical.

- Advertisement - SIEM as a Service

Impact

Unauthenticated, remote attackers can exploit this vulnerability to execute arbitrary code on the affected devices. This could allow attackers to control the router, leading to unauthorized access to the network and sensitive data.

Solution

D-Link has released firmware updates to address this vulnerability. Users should update the DIR-X5460 A1 to version 1.11B04 or later and the DIR-X4860 A1 to version 1.04B05 or later.

CVE-2024-45698: OS Command Injection

The second critical vulnerability, CVE-2024-45698, involves OS command injection through improper input validation in the DIR-X4860 A1 model’s telnet service. This flaw has a CVSS score of 8.8.

Impact

Attackers can use hard-coded credentials to log into the telnet service and inject arbitrary OS commands. This exploit allows attackers to execute commands on the device remotely, potentially compromising network security and data integrity.

Solution

To mitigate this risk, users should update the DIR-X4860 A1 firmware to version 1.04B05 or later.

CVE-2024-45697: Hidden Functionality

CVE-2024-45697 reveals hidden functionality in certain D-Link routers where the telnet service is enabled when the WAN port is plugged in. This vulnerability affects the DIR-X4860 A1 model and is rated with a critical CVSS score of 9.8.

Decoding Compliance: What CISOs Need to Know – Join Free Webinar

Impact

Unauthorized remote attackers can exploit this hidden functionality using hard-coded credentials to execute OS commands on the device, posing significant security threats.

Solution

Users are advised to update their DIR-X4860 A1 firmware to version 1.04B05 or later to disable this hidden functionality.

CVE-2024-45695: Another Stack-based Buffer Overflow

A similar stack-based buffer overflow vulnerability, CVE-2024-45695, affects the DIR-X4860 A1 model with a critical CVSS score of 9.8.

Impact

This vulnerability allows unauthenticated remote attackers to execute arbitrary code on the affected routers, potentially allowing unauthorized access to and control over network resources.

Solution

Updating the firmware of DIR-X4860 A1 to version 1.04B05 or later is crucial for mitigating this threat.

CVE-2024-45696: Hidden Functionality in Multiple Models

CVE-2024-45696 exposes hidden functionality in both the DIR-X4860 A1 and COVR-X1870 models. This vulnerability has a high CVSS score of 8.8.

Impact

Attackers can enable telnet services by sending specific packets to the web service and then logging in using hard-coded credentials. This access is limited to local network environments but still poses significant risks.

Solution

Users should update their DIR-X4860 A1 firmware to version 1.04B05 or later and COVR-X1870 firmware to v1.03B01 or later.

These vulnerabilities highlight the importance of maintaining updated firmware on networking devices like routers.

The potential for unauthorized access and control underscores a pressing need for vigilance among users and IT administrators alike, as a report by Twcert. 

D-Link has responded promptly with necessary patches, but users must ensure their devices are secured by applying these updates immediately. Failure to do so could result in severe security breaches affecting personal and organizational networks. 

Stay informed and proactive in safeguarding your digital environment by regularly checking for updates and following best practices in cybersecurity hygiene.

Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and...

ChatGPT Next Web Vulnerability Let Attackers Exploit Endpoint to Perform SSRF

Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the...

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...

Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and...

ChatGPT Next Web Vulnerability Let Attackers Exploit Endpoint to Perform SSRF

Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the...

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...