Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher Raymond identified these vulnerabilities, which have been assigned multiple CVE IDs and pose severe threats to users worldwide.
D-Link has issued urgent firmware updates to mitigate these risks. Users are strongly advised to update their devices immediately to protect against potential exploits.
CVE-2024-45694: Stack-based Buffer Overflow
The first vulnerability, CVE-2024-45694, affects the DIR-X5460 A1 and DIR-X4860 A1 models of D-Link routers. In their web service, this flaw is classified as a stack-based buffer overflow vulnerability. With a CVSS score of 9.8, it is deemed critical.
Impact
Unauthenticated, remote attackers can exploit this vulnerability to execute arbitrary code on the affected devices. This could allow attackers to control the router, leading to unauthorized access to the network and sensitive data.
Solution
D-Link has released firmware updates to address this vulnerability. Users should update the DIR-X5460 A1 to version 1.11B04 or later and the DIR-X4860 A1 to version 1.04B05 or later.
CVE-2024-45698: OS Command Injection
The second critical vulnerability, CVE-2024-45698, involves OS command injection through improper input validation in the DIR-X4860 A1 model’s telnet service. This flaw has a CVSS score of 8.8.
Impact
Attackers can use hard-coded credentials to log into the telnet service and inject arbitrary OS commands. This exploit allows attackers to execute commands on the device remotely, potentially compromising network security and data integrity.
Solution
To mitigate this risk, users should update the DIR-X4860 A1 firmware to version 1.04B05 or later.
CVE-2024-45697: Hidden Functionality
CVE-2024-45697 reveals hidden functionality in certain D-Link routers where the telnet service is enabled when the WAN port is plugged in. This vulnerability affects the DIR-X4860 A1 model and is rated with a critical CVSS score of 9.8.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
Impact
Unauthorized remote attackers can exploit this hidden functionality using hard-coded credentials to execute OS commands on the device, posing significant security threats.
Solution
Users are advised to update their DIR-X4860 A1 firmware to version 1.04B05 or later to disable this hidden functionality.
CVE-2024-45695: Another Stack-based Buffer Overflow
A similar stack-based buffer overflow vulnerability, CVE-2024-45695, affects the DIR-X4860 A1 model with a critical CVSS score of 9.8.
Impact
This vulnerability allows unauthenticated remote attackers to execute arbitrary code on the affected routers, potentially allowing unauthorized access to and control over network resources.
Solution
Updating the firmware of DIR-X4860 A1 to version 1.04B05 or later is crucial for mitigating this threat.
CVE-2024-45696: Hidden Functionality in Multiple Models
CVE-2024-45696 exposes hidden functionality in both the DIR-X4860 A1 and COVR-X1870 models. This vulnerability has a high CVSS score of 8.8.
Impact
Attackers can enable telnet services by sending specific packets to the web service and then logging in using hard-coded credentials. This access is limited to local network environments but still poses significant risks.
Solution
Users should update their DIR-X4860 A1 firmware to version 1.04B05 or later and COVR-X1870 firmware to v1.03B01 or later.
These vulnerabilities highlight the importance of maintaining updated firmware on networking devices like routers.
The potential for unauthorized access and control underscores a pressing need for vigilance among users and IT administrators alike, as a report by Twcert.
D-Link has responded promptly with necessary patches, but users must ensure their devices are secured by applying these updates immediately. Failure to do so could result in severe security breaches affecting personal and organizational networks.
Stay informed and proactive in safeguarding your digital environment by regularly checking for updates and following best practices in cybersecurity hygiene.
Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar