CVE-2026-42372

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L Hardware Revision A1

Description A hardcoded telnet backdoor exists where the device starts a telnet daemon at boot via the /bin/telnetd.sh script. The system uses a static username "Alphanetworks" and password "wrgn35 dlwbr dir605l" stored in /etc/alpha config/image sign. The custom telnetd binary utilizes a -u user:password flag, and the login binary employs the strcmp() function to validate credentials. An unauthenticated attacker on the local network can use these credentials to gain a root shell with full administrative control.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.