Hardcoded Password in D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 Allows Remote Attackers to Obtain Root Access

CVE-2024-22853

9.8CRITICAL

Key Information

Vendor: D-LINK
Status: Go-rt-ac750 Firmware
Vendor: CVE Published:; 6 February 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

News Articles

prophaze.com

CVE-2024-22853

CVE-2024-22853 : D-LINK GO-RT-AC750 101B03 HARD-CODED PASSWORD - Cloud WAF

CVE-2024-22853 : D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

10 months ago

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Jun 29, 2024
First article discovered by prophaze.com
Feb 6, 2024
Vulnerability published.
Feb 6, 2024
Vulnerability Reserved.
Jan 11, 2024

Collectors

NVD DatabaseMitre Database0 Proof of Concept(s)1 News Article(s)