heise PlusAbo
Anzeige

Security patch: Backdoor in some D-Link routers allows unauthorized access

Attackers can attack and compromise certain D-Link router models. Security updates are available for download.

listen Print view

(Image: ZinaidaSopina/Shutterstock.com)

1 min. read
Security
By

The D-Link WLAN routers COVR-X1870, DIR-X4860 and DIR-X5460 are vulnerable. Attackers can access devices using hard-coded access data, among other things.

Effects of attacks

In a warning message, the developers list that they have closed a total of five security vulnerabilities. Three of these are considered"critical" (CVE-2024-45694, CVE-2024-45695, CVE-2024-45697). In two cases, remote attackers can execute malicious code remotely without authentication.

Videos by heise

In the third case, attackers can use static log-in data to log in via a backdoor using Telnet and execute system commands. In all cases, it stands to reason that devices are considered completely compromised after successful attacks.

D-Link has not yet reported any attacks. It remains unclear how router owners can detect devices that have already been attacked. To protect routers from the attacks described, owners must install the following security patches:

  • COVR-X1870 v1.03B01
  • DIR-X4860 v1.04B05
  • DIR-X5460 DIR-X5460A1 V1.11B04

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten