August 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
APT Group Gamaredon aka Shuckworm – Active IOCs
August 1, 2024
APT10 Uses NOOPDOOR and LODEINFO Malware to Attack Japanese Companies – Active IOCs
August 1, 2024
APT Group Gamaredon aka Shuckworm – Active IOCs
August 1, 2024
APT10 Uses NOOPDOOR and LODEINFO Malware to Attack Japanese Companies – Active IOCs
August 1, 2024
Severity
High
Analysis Summary
CVE-2024-6045 CVSS:8.8
Multiple D-Link wireless routers contain an undisclosed factory testing backdoor. By accessing a specific URL, a remote attacker could exploit this vulnerability to force the device to enable Telnet service and log in by using the administrator credentials obtained from analyzing the firmware.
CVE-2024-36755 CVSS:7.5
D-Link DIR-1950 devices could allow a remote attacker to bypass security restrictions, caused by improper validation of SSL certificates. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to downgrade the firmware version or change the downloading URL.
Impact
- Gain Access
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-6045
- CVE-2024-36755
Affected Vendors
D-Link
Affected Products
- D-Link G403 earlier
- D-Link G415 earlier
- D-Link G416 earlier
- D-Link M18 earlier
- D-Link R03 earlier
- D-Link R04 earlier
- D-Link R12 earlier
- D-Link R18 earlier
- D-Link E30 earlier
- D-Link M30 earlier
- D-Link M32 earlier
- D-Link M60 earlier
- D-Link R32 earlier
- D-Link E15 earlier
- D-Link R15 earlier
- D-Link DIR-1950 1.11B03
Remediation
Refer to D-Link Web site for patch, upgrade or suggested workaround information.