D-Link has recently addressed critical security vulnerabilities affecting several of its popular WiFi 6 router models. The issues were identified in the DIR-X4860, DIR-X5460, and COVR-X1870 models. The vulnerabilities, disclosed by CERT (TWCERT) on June 24, 2024, include severe flaws such as stack-based buffer overflows and unauthorized access through hardcoded credentials. These vulnerabilities pose significant risks, potentially allowing attackers to execute arbitrary code on affected devices and gain unauthorized control.
The identified flaws include critical stack-based buffer overflows (CVE-2024-45694 and CVE-2024-45695), which can be exploited by unauthenticated remote attackers to execute arbitrary code. Additionally, issues such as CVE-2024-45697 enable telnet service access through the WAN port with hardcoded credentials, while CVE-2024-45696 and CVE-2024-45698 involve improper input validation and unauthorized telnet access within the local network. These flaws highlight the importance of timely security updates to protect against potential exploitation.
D-Link has responded by releasing firmware updates to address these critical vulnerabilities. Affected users are encouraged to upgrade to firmware version v1.03B01 for the COVR-X1870, v1.04B05 for the DIR-X4860, and DIR-X5460A1_V1.11B04 for the DIR-X5460. The company has emphasized the urgency of these updates, noting that while the vulnerabilities were reported and investigated promptly, public disclosure occurred before the standard 90-day patch release schedule was met.
Although D-Link has not reported any known in-the-wild exploitation of these vulnerabilities, the company stresses the importance of installing the security updates to safeguard against potential attacks. With D-Link devices being common targets for malware botnets, securing these routers is crucial for maintaining network integrity and protecting user data from potential breaches.
