Static Default Credentials in D-Link GO-RT-AC750 Router
CVE-2022-36524

7.5HIGH

Key Information:

Vendor

D-Link
Status
Go-rt-ac750 Firmware
Vendor
CVE Published:
15 August 2022

What is CVE-2022-36524?

The D-Link GO-RT-AC750 router is exposed to a security vulnerability that allows access through static default credentials found in the file /etc/init0.d/S80telnetd.sh. This flaw could enable unauthorized users to gain control over the device, potentially leading to network breaches and data exposure. It is crucial for users to change default settings and enhance security measures to protect their networks.

References

http://d-link.com
x_refsource_MISC
https://www.dlink.com/en/security-bulletin/
x_refsource_MISC
https://drive.google.com/file/d/1WNKrDUbYfSWbSve9ONILkLY6...
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.