CVE-2024-45696 – D-Link WiFi router - Hidden Functionality

https://notcve.org/view.php?id=CVE-2024-45696

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the same local network as the device. • https://www.twcert.org.tw/tw/cp-132-8086-93ed5-1.html https://www.twcert.org.tw/en/cp-139-8087-c3e70-2.html • CWE-912: Hidden Functionality •