Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device.

Related CVEs

CVE-2024-45698

Key Information

GHSA ID

GHSA-xj9g-c23g-r4pj

Published

September 16, 2024 2:37 PM

Last Modified

September 16, 2024 2:37 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.