PT-2017-12010 · D Link · Dir-615
Published
2017-07-19
·
Updated
2021-04-23
·
CVE-2017-11436
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-615 versions prior to 20.12PTb04
Description
The issue allows remote attackers to obtain access via a TELNET connection, potentially due to a second admin account with a
BACKDOOR value of 0x1.Recommendations
For versions prior to 20.12PTb04, update to version 20.12PTb04 or later to resolve the issue. As a temporary workaround, consider disabling TELNET connections until a patch is applied. Restrict access to the admin account to minimize the risk of exploitation.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dir-615