PT-2024-1919 · D Link · D-Link Dir-600M C1

Dmknght · Published 2024-02-22 · Updated 2024-12-17 · CVE-2024-1786

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DIR-600M C1 version 3.08

Description

A critical issue has been found in the Telnet Service component of the affected device, caused by a buffer overflow when manipulating the username argument. This can be exploited remotely, potentially allowing an attacker to execute arbitrary code. The issue affects products that are no longer supported by the maintainer and should be retired and replaced.

Recommendations

For D-Link DIR-600M C1 version 3.08, it is recommended to retire and replace the device as it is no longer supported by the maintainer. As a temporary workaround, consider disabling the Telnet Service until a replacement can be implemented. Restrict access to the device to minimize the risk of exploitation. Avoid using the username argument in the Telnet Service until the issue is resolved by replacing the device.

Exploit

Fix

Weakness Enumeration

Buffer Overflow

Related Identifiers

BDU:2024-01707
CVE-2024-1786

Affected Products

D-Link Dir-600M C1