CVE-2024-41611

Vulnerability

The Telnet service in D-Link DIR-860L REVA firmware version 1.10..B04 contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service. This vulnerability exists due to the presence of static credentials within the firmware, which are not configurable by the user.

Exploitation

An attacker with network access to the device can connect to the Telnet service (default port 23) and use the hardcoded credentials to authenticate. No prior authentication or user interaction is required. The attacker can then issue arbitrary commands via the Telnet session.

Impact

Successful exploitation allows the attacker to gain remote, unauthenticated access to the device with full administrative privileges. This can lead to complete compromise of confidentiality, integrity, and availability of the device, including the ability to modify settings, exfiltrate data, or use the device as a pivot point.

Mitigation

As of the publication date, D-Link has not released a specific patch for this vulnerability. The device may be end-of-life (EOL). Users should consult the D-Link security bulletin [1] for any updates. Mitigations include disabling the Telnet service if not required, or restricting network access to the device via firewalls.