Taiwan’s CERT has warned about a serious security issue with D-Link wireless routers, affecting many models. This vulnerability could let attackers on the local network access the router’s Telnet service using basic administrator credentials
CVE-2024-6045
By infosecbulletin
/ Thursday , September 5 2024
CISCO released security updates for two critical security flaws impacting its smart Licensing Utility that could allow unauthenticated, remote attackers...
Read More
By infosecbulletin
/ Wednesday , September 4 2024
OpenBAS is a platform that helps organizations to plan, schedule, and conduct crisis exercises, adversary simulations, and breach simulations. OpenBAS...
Read More
By infosecbulletin
/ Wednesday , September 4 2024
Zyxel has released software updates to fix a serious security issue in certain access point (AP) and security router versions....
Read More
By infosecbulletin
/ Tuesday , September 3 2024
VMware released a security advisory for a major vulnerability in the VMware Fusion product. This vulnerability could be exploited by...
Read More
By infosecbulletin
/ Tuesday , September 3 2024
Indian Computer Emergency Response Team (CERT-IN) issued advisories about multiple vulnerabilities in various Palo Alto Networks applications. Attackers could exploit...
Read More
By infosecbulletin
/ Tuesday , September 3 2024
Malaysia is quickly becoming a leading choice for investing in data centers. It aims to generate RM3.6 billion (US$781 million)...
Read More
By infosecbulletin
/ Tuesday , September 3 2024
US authorities have issued a cybersecurity advisory about a ransomware group called RansomHub. The group is thought to have stolen data...
Read More
By infosecbulletin
/ Tuesday , September 3 2024
There is a new way to attack Atlassian Confluence using the vulnerability CVE-2023-22527. The Confluence Data Center and Server products...
Read More
By infosecbulletin
/ Tuesday , September 3 2024
The Cicada3301 ransomware is made in Rust and attacks Windows and Linux/ESXi hosts. Truesec researchers examined a version that targets...
Read More
By infosecbulletin
/ Tuesday , September 3 2024
Lloyds Bank and Virgin Money's internet banking services were down on Monday, causing trouble for users to access and view...
Read More
Certain D-Link router models have a hidden backdoor that was recently discovered. This flaw allows attackers on the same network to gain unauthorized control over the router by accessing a specific URL, enabling the Telnet service, and using administrator credentials obtained from firmware analysis. This poses significant security risks.
The affected D-Link router models are: E15, E30, G403, G415, G416, M15, M18, M30, M32, M60, R03, R04, R12, R15, R18, and R32.
D-Link released firmware updates to fix the CVE-2024-6045 (CVSS 8.8) vulnerability. Users should update their router’s firmware to the specified versions or later.
G403, G415, G416, M18, R03, R04, R12, R18: Update to firmware version 1.10.01 or later.
E30, M30, M32, M60, R32: Update to firmware version 1.10.02 or later.
E15, R15: Update to firmware version 1.20.01 or later.
Ensure the successful update by comparing the router’s displayed firmware version with the downloaded update.
D-Link is working on releasing official firmware updates, but for now, there may be beta versions available. However, users should be careful when using beta software, as it is still being tested and might not be completely stable. D-Link is not responsible for any problems that might occur from using beta firmware.
You can visit D-Link’s website for more info and to download the latest firmware updates.