Description
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- D-Link / E15earlier – 1.20.01
- D-Link / E30earlier – 1.10.02
- D-Link / G403earlier – 1.10.01
- D-Link / G415earlier – 1.10.01
- D-Link / G416earlier – 1.10.01
- D-Link / M18earlier – 1.10.01
- D-Link / M30earlier – 1.10.02
- D-Link / M32earlier – 1.10.02
- D-Link / M60earlier – 1.10.02
- D-Link / R03earlier – 1.10.01
- D-Link / R04earlier – 1.10.01
- D-Link / R12earlier – 1.10.01
- D-Link / R15earlier – 1.20.01
- D-Link / R18earlier – 1.10.01
- D-Link / R32earlier – 1.10.02