VYPR

wireless routers

by Dlink

CVEs (7)

  • CVE-2024-45698CriSep 16, 2024
    risk 0.64cvss 9.8epss 0.01

    Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.

  • CVE-2024-45697CriSep 16, 2024
    risk 0.64cvss 9.8epss 0.01

    Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.

  • CVE-2024-45695CriSep 16, 2024
    risk 0.64cvss 9.8epss 0.02

    The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.

  • CVE-2024-45694CriSep 16, 2024
    risk 0.64cvss 9.8epss 0.02

    The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.

  • CVE-2024-6045HigJun 17, 2024
    risk 0.58cvss 8.8epss 0.06

    Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained…

  • CVE-2024-45696HigSep 16, 2024
    risk 0.57cvss 8.8epss 0.01

    Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be…

  • CVE-2024-6044MedJun 17, 2024
    risk 0.42cvss 6.5epss 0.00

    Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the URL.