What is CVE-2024-6045?

CVE-2024-6045 is a high-severity vulnerability in D-link E15, classified under Hidden Functionality. CVSS score: 8.8/10. Published 2024-06-17.

How severe is CVE-2024-6045?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in D-link E15

CVE-2024-6045

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by usin…

EPSS: 0.076 (92.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

D-link E15 — versions earlier
D-link E30 — versions earlier
D-link G403 — versions earlier
D-link G415 — versions earlier
D-link G416 — versions earlier
D-link M18 — versions earlier
D-link M30 — versions earlier
D-link M32 — versions earlier
D-link M60 — versions earlier
D-link R03 — versions earlier

Weakness classification (CWE)

References

www.twcert.org.tw/tw/cp-132-7879-da630-1.html (third-party-advisory)
www.twcert.org.tw/en/cp-139-7880-629f5-2.html (third-party-advisory)
supportannouncement.us.dlink.com/security/publication.aspx (vendor-advisory)

Frequently asked questions

What is CVE-2024-6045?: CVE-2024-6045 is a high-severity vulnerability in D-link E15, classified under Hidden Functionality. CVSS score: 8.8/10. Published 2024-06-17.
How severe is CVE-2024-6045?: High severity. CVSS v3 base score is 8.8 out of 10.