D-Link ADSL routers have a default Telnet password
| dlink-default-telnet-password (10465) |  High Risk |
Description:
The D-link DSL-500, DSL-504 ADSL, DSL-300G and DSL-300G+ ADSL routers use "private" as the known default password. A remote attacker could establish a telnet connection to the router using the default password to gain unauthorized Telnet access.
Consequences:
Gain Access
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Thu Mar 27 2003 - 09:31:41 CST: Security issues in D-Link DSL-300/DSL-300G+ Broadband Modem/Router.
- BugTraq Mailing List, Thu Oct 24 2002 - 13:28:47 CDT : Re: Router DSL Dlink.
- BugTraq Mailing List, Wed Oct 23 2002 - 16:50:22 CDT : Router DSL Dlink .
- D-Link Systems, Inc. Web site: D-Link Systems, Inc..
- BID-6039: D-Link DSL-500 Default Telnet Password Vulnerability
Platforms Affected:
- D-Link DSL-300
- D-Link DSL-300G+
- D-Link DSL-500
- D-Link DSL-504
Reported:
Oct 24, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net