HomePentest-Tools.com Logo

D-Link DIR-850L Backdoor Account / Hardcoded Credentials (Telnet) CVE-2017-14421

Severity
CVSSv3 Score
9.8
Vulnerability description

The D-Link DIR-850L router has a backdoor account with hardcoded credentials.

Risk description

It was possible to login with the telnet credentials Alphanetworks:wrgac25_dlink.2013gui_dir850l. This issue may only be exploited by an attacker on the LAN to get a root shell on the device.

Recommendation

It is recommended to disable the Telnet access.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 13, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available