CVE-2024-6045
Published: 17 June 2024
Summary
CVE-2024-6045 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in certain models of D-Link wireless routers. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 7.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor that implements hidden functionality for enabling remote access. The affected devices allow an unauthenticated actor on the local network to activate the Telnet service by requesting a specific URL, after which login is possible using administrator credentials recovered through firmware analysis. The issue is tracked under CVE-2024-6045 with a CVSS 3.1 score of 8.8 and is associated with CWE-798 and CWE-912.
An attacker positioned on the same LAN can exploit the backdoor without authentication or user interaction to obtain full administrative control over the router. Successful exploitation grants the ability to read or modify configuration data, intercept traffic, and pivot to other devices on the network.
D-Link has published security announcements (SAP10398) and Taiwan's CERT has issued coordinated advisories detailing the affected models and recommended actions; these resources should be consulted for firmware updates or configuration changes that disable the testing interface. The associated EPSS score remains low, with a current value of 0.0762 and a peak of 0.0789.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-47203
Vulnerability details
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Strategy enforces supplier requirements and code reviews that reduce hard-coded credentials introduced through acquired products.
Vetting individuals before they occupy roles that touch credentials or secrets reduces the likelihood of hard-coded credentials being introduced or abused.
Hunting identifies hidden functionality used for persistence or evasion after initial compromise.
Vetting and integrity controls during acquisition reduce the likelihood of hidden backdoors or malicious functionality introduced by suppliers.
Addresses hidden functionality by mandating evidence that the system or component contains no undocumented or unauthorized capabilities that could be exploited.
Vetting reduces the chance a developer will deliberately insert hard-coded credentials as a backdoor or unauthorized access mechanism.
Enables users to notice when hard-coded credentials have been exploited for unauthorized access.
Security training explicitly warns against hard-coded credentials, lowering their use in systems.