D-Link Patches Critical Flaws in Popular Routers
D-Link has rectified critical vulnerabilities in three popular wireless router models that could have permitted remote attackers to execute arbitrary code or gain unauthorized access to the devices by exploiting hard-coded credentials.
The affected models, sought after by users seeking high-performance Wi-Fi 6 routers (DIR-X) and Mesh network systems (COVR), include: COVR-X1870 with firmware versions up to and including v1.02, DIR-X4860 up to v1.04B04_Hot-Fix, and DIR-X5460 up to v1.11B01_Hot-Fix.
The company has disclosed information about five vulnerabilities, three of which were assessed as critical:
- CVE-2024-45694 (CVSS: 9.8): A stack-based buffer overflow, enabling remote attackers to execute arbitrary code.
- CVE-2024-45695 (CVSS: 9.8): A similar buffer overflow, also leading to the execution of arbitrary code.
- CVE-2024-45696 (CVSS: 8.8): Attackers can forcibly enable the telnet service using embedded credentials within the local network.
- CVE-2024-45697 (CVSS: 9.8): The telnet service is activated upon connecting the WAN port, permitting remote access with the use of embedded credentials.
- CVE-2024-45698 (CVSS: 8.8): Insufficient validation of input data in the telnet service, granting attackers the ability to log in and execute OS commands.
To mitigate these issues, D-Link advises users to update their firmware: to v1.03B01 for COVR-X1870, v1.04B05 for DIR-X4860, and to DIR-X5460A1_V1.11B04 for DIR-X5460.
According to the company, the issues came to light on June 24th through TWCERT (Taiwan’s national CERT). However, the manufacturer was not afforded the standard 90 days to address the vulnerabilities before their public disclosure.
In its official statement, D-Link emphasized: “When D-Link became aware of the reported security issues, we promptly started investigating and developing security patches. Patches were release within the 90-day of the report of the vulnerabilities.”
Currently, there have been no reports of exploitation of these vulnerabilities. However, D-Link remains a frequent target for botnets, making the installation of security updates critically important.
