Dir X4860 Firmware

dir-x4860_firmware

Vendor: Dlink • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-45698 1Dlink 1Dir X4860 Firmware Oct 15, 2024 Sep 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS comm...Show more Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.Show less
CVE-2024-45697 1Dlink 1Dir X4860 Firmware Sep 19, 2024 Sep 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded...Show more Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.Show less
CVE-2024-45696 1Dlink 2Covr X1870 Firmware Dir X4860 Firmware Sep 19, 2024 Sep 16, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The tel...Show more Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.Show less
CVE-2024-45695 1Dlink 1Dir X4860 Firmware Sep 17, 2024 Sep 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on...Show more The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.Show less
CVE-2024-45694 1Dlink 2Dir X4860 Firmware Dir X5460 Firmware Sep 17, 2024 Sep 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on...Show more The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.Show less