VYPR

Dir 600l Firmware

by Dlink

CVEs (4)

  • CVE-2014-8361CriKEVMay 1, 2015
    risk 0.87cvss 9.8epss 1.00

    The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

  • CVE-2026-42375CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The…

  • CVE-2026-42374CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The…

  • CVE-2016-10405CriSep 7, 2017
    risk 0.64cvss 9.8epss 0.02

    Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17.B01 allows remote attackers to hijack web sessions via unspecified vectors.