CRITICAL🇵🇱 Wersja polska

CVE-2024-41611

CVSS 9.8v3.1pub. 2024-07-30upd. 2025-09-29

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands.

🤖 AI Analysis
How it works

The vulnerability results from the presence of hardcoded credentials (CWE-798) embedded directly in the device firmware. The Telnet service available over the network accepts these static login credentials, which the user cannot change or remove in a standard way. An attacker who knows these credentials can establish a Telnet session from anywhere on the network and gain interactive access to the device's system shell.

Impact

An attacker gains full, unauthorized access to the device with the ability to execute arbitrary commands — which can result in router takeover, modification of network configuration, interception of network traffic, or use of the device as a pivot point for further attacks (lateral movement).

Mitigation & patch

Apply patches available from the manufacturer in accordance with the references (https://www.dlink.com/en/security-bulletin/). If a patch is not available, it is recommended to block access to the Telnet service at the firewall level and restrict access to the management interface solely to trusted IP addresses. Consider replacing the device if the manufacturer does not provide updates.

Who is affected

D-Link DIR-860L REVA with firmware PATCH 1.10.B04

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 860l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 860l Firmware

    OS
    Dlink
    1.10b04
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-6530CRITICAL9.8⚠ KEVten sam produkt

OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMW...

CVE-2024-42812CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w D-Link DIR-860L v2.03 — brak weryfikacji długości pola SID

CVE-2018-19987CRITICAL9.8ten sam produkt

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880...

CVE-2018-20114CRITICAL9.8ten sam produkt

On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command exec...

CVE-2025-9026MEDIUM5.5ten sam produkt

A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file...