Filtered by vendor Dlink Subscriptions
Filtered by product Dir-x4860 Firmware Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-45698 1 Dlink 3 Dir-4860 A1, Dir-x4860, Dir-x4860 Firmware 2024-10-15 9.8 Critical
Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.
CVE-2024-45696 1 Dlink 4 Covr-x1870, Covr-x1870 Firmware, Dir-x4860 and 1 more 2024-09-20 8.8 High
Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device.
CVE-2024-45697 1 Dlink 3 Dir-4860 A1, Dir-x4860, Dir-x4860 Firmware 2024-09-20 9.8 Critical
Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.
CVE-2024-45695 1 Dlink 2 Dir-x4860, Dir-x4860 Firmware 2024-09-17 9.8 Critical
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2024-45694 1 Dlink 4 Dir-x4860, Dir-x4860 Firmware, Dir-x5460 and 1 more 2024-09-17 9.8 Critical
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.