PT-2021-3322 · D Link · D-Link Dir-2640-Us
Liyansong2018 · Published 2021-06-16 · Updated 2024-02-14 · CVE-2021-34203
CVSS v2.0: 9.7 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:P
Name of the Vulnerable Software and Affected Versions
D-Link DIR-2640-US version 1.01B04
Description
The issue is related to Incorrect Access Control in the D-Link DIR-2640-US router. When setting up PPPoE, the router starts the quagga process, which uses the default password and port, allowing an attacker to easily log in using telnet. This enables the attacker to modify routing information, monitor traffic of all devices under the router, hijack DNS, and conduct phishing attacks. The interface in question may be perceived as a backdoor due to its exposure.
Recommendations
For D-Link DIR-2640-US version 1.01B04, consider disabling the quagga process or changing the default password and port used by this process to prevent unauthorized access until a patch is available. Restrict access to the telnet interface to minimize the risk of exploitation. Avoid using the default settings for PPPoE configuration to reduce exposure to attacks.
Affected Products
D-Link Dir-2640-Us