CVE-2020-9279

Name of the Vulnerable Software and Affected Versions D-Link DSL-2640B version B2 EU 4.01B

Description The issue is related to the use of hard-coded account credentials in the D-Link DSL-2640B router. This allows an attacker to log in to the management interface with high privileges, enabling them to perform critical tasks and gain full control of the device. The vulnerability can be exploited remotely, potentially allowing an attacker to elevate their privileges.

Recommendations For D-Link DSL-2640B version B2 EU 4.01B, consider changing the default credentials and restricting access to the management interface as a temporary workaround until a patch is available. Additionally, avoid using the hard-coded account for login purposes to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.