PT-2024-4264 · D-Link · D-Link DIR-605L
Published: 2024-06-13 · Updated: 2024-09-06
CVE-2024-37630
CVSS v3.1: 8.8 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
D-Link DIR-605L version 2.13B01
Description
A hardcoded password vulnerability was discovered in the /etc/passwd component of the D-Link DIR-605L router's firmware. This issue allows attackers to log in as root, potentially granting them full system access. The vulnerability can be exploited by remote attackers.
Recommendations
For D-Link DIR-605L version 2.13B01, consider changing the hardcoded password in /etc/passwd to a unique and secure password as a temporary workaround. Restrict access to the /etc/passwd file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
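To check a firmware image for this class of issue before or after applying the workaround, the following added example (not part of the advisory and not D-Link code) audits a passwd file taken from an unpacked root filesystem and flags accounts whose password field is empty or holds a hash. The function name `audit_passwd` and the sample entries are assumptions constructed for illustration.

```python
"""Audit a passwd file from an unpacked firmware image for embedded credentials."""
import sys

# Password-field prefixes that mark an account as locked (no password login).
LOCKED_PREFIXES = ("*", "!")


def audit_passwd(text):
    """Return (user, uid, issue) findings for passwd-format text."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            findings.append((fields[0], None, "malformed entry"))
            continue
        user, pw, uid = fields[0], fields[1], fields[2]
        if pw == "x":
            continue  # hash lives in /etc/shadow; audit that file separately
        if pw.startswith(LOCKED_PREFIXES):
            continue  # locked account
        issue = "empty password" if pw == "" else "password hash embedded in image"
        if uid == "0":
            issue += " (UID 0)"
        findings.append((user, int(uid) if uid.isdigit() else None, issue))
    return findings


# Constructed sample entries, not taken from the DIR-605L firmware.
SAMPLE = """\
root:$1$CONSTRUCTED$placeholderhashvalue000:0:0:root:/:/bin/sh
admin::0:0:admin:/:/bin/sh
nobody:x:99:99:nobody:/:/bin/false
daemon:*:1:1:daemon:/:/bin/sh
"""

if __name__ == "__main__":
    # Pass the path to an extracted etc/passwd, or run with no argument for the sample.
    src = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for user, uid, issue in audit_passwd(src):
        print(f"{user} (uid={uid}): {issue}")
```

Any finding with UID 0 corresponds to the condition described above: a root credential that is fixed by the image rather than set by the device owner.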
Exploit
Using Hardcoded Credentials
Related Identifiers
Affected Products
D-Link Dir-605L