Mav Levin

**Name of the Vulnerable Software and Affected Versions** D-Link Router model DIR-842 version 3.0.2 **Description** The issue concerns an authentication brute-force protection mechanism bypass in the telnetd service. This bypass allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack. **Recommendations** For D-Link Router model DIR-842 version 3.0.2, consider disabling the telnet service until a patch is available to prevent exploitation of the brute-force protection bypass. Restrict access to the telnetd service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.