Cyber Resilience

CVE-2024-6045

High

Published: 17 June 2024

Published
17 June 2024
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0762 92.1th percentile
Risk Priority 22 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-6045 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in Org (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 7.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor that implements hidden functionality for enabling remote access. The affected devices allow an unauthenticated actor on the local network to activate the Telnet service by requesting a specific URL, after which login is possible using administrator credentials recovered through firmware analysis. The issue is tracked under CVE-2024-6045 with a CVSS 3.1 score of 8.8 and is associated with CWE-798 and CWE-912.

An attacker positioned on the same LAN can exploit the backdoor without authentication or user interaction to obtain full administrative control over the router. Successful exploitation grants the ability to read or modify configuration data, intercept traffic, and pivot to other devices on the network.

D-Link has published security announcements (SAP10398) and Taiwan's CERT has issued coordinated advisories detailing the affected models and recommended actions; these resources should be consulted for firmware updates or configuration changes that disable the testing interface. The associated EPSS score remains low, with a current value of 0.0762 and a peak of 0.0789.

EU & UK References

Vulnerability details

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator…

more

credentials obtained from analyzing the firmware.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Org
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-798 CWE-912

Strategy enforces supplier requirements and code reviews that reduce hard-coded credentials introduced through acquired products.

addresses: CWE-798 CWE-912

Vetting individuals before they occupy roles that touch credentials or secrets reduces the likelihood of hard-coded credentials being introduced or abused.

addresses: CWE-912 CWE-798

Hunting identifies hidden functionality used for persistence or evasion after initial compromise.

addresses: CWE-912 CWE-798

Vetting and integrity controls during acquisition reduce the likelihood of hidden backdoors or malicious functionality introduced by suppliers.

addresses: CWE-912 CWE-798

Addresses hidden functionality by mandating evidence that the system or component contains no undocumented or unauthorized capabilities that could be exploited.

addresses: CWE-798 CWE-912

Vetting reduces the chance a developer will deliberately insert hard-coded credentials as a backdoor or unauthorized access mechanism.

addresses: CWE-798

Enables users to notice when hard-coded credentials have been exploited for unauthorized access.

addresses: CWE-798

Security training explicitly warns against hard-coded credentials, lowering their use in systems.

References