CVE-2026-42376

CVE-2026-42376 affects D-Link DIR-456U hardware revision A1 (End-of-Life). The description reports a hardcoded telnet backdoor: at boot a telnet daemon runs with username “Alphanetworks” and password read from /etc/config/image_sign; a -u user:password flag is accepted by the custom telnetd, and ...

CVE-2026-42376 D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

EUVD-2026-27029

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

EUVD-2026-27027

D-Link DIR-600L Hardware Revision A1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir600l" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

CVE-2026-42374

The CVE affects D-Link DIR-600L Hardware Revision B1 (EOL). A hardcoded telnet backdoor starts a telnet daemon at boot and uses the username "Alphanetworks" with a static password read from /etc/alpha_config/image_sign (wrgn61_dlwbr_dir600L). The custom telnetd accepts -u user:password, and the l...

CVE-2026-42374 D-Link DIR-600L B1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

PT-2026-36837

Name of the Vulnerable Software and Affected Versions D-Link DIR-456U Hardware Revision A1 Description The device contains a hardcoded telnet backdoor. At boot, a telnet daemon is started via the script '/etc/init0.d/S80telnetd.sh' using the username "Alphanetworks" and a static password "whdrv01...

D-Link User-Agent Backdoor Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link User-Agent Backdoor Scanner', 'Description' = %q This module attempts to find D-Link devices running Alphanetworks web interfaces affected...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

Hardcoded credentials

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

CVE-2024-22853

CVE-2024-22853 affects the D-LINK Go-RT-AC750 device with firmware GORTAC750_A1_FW_v101b03, where a hardcoded Alphanetworks password allows remote attackers to obtain root access via a telnet session. Public details in the connected documents confirm the vulnerability type (hardcoded credentials)...

CVE-2024-22853

D-LINK Go-RT-AC750 GORTAC750A1FWv101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session...

PT-2024-1692 · D Link · D-Link Go-Rt-Ac750

Name of the Vulnerable Software and Affected Versions: D-LINK Go-RT-AC750 version GORTAC750 A1 FW v101b03 Description: The issue is related to a hardcoded password for the Alphanetworks account in the D-LINK Go-RT-AC750 router, allowing remote attackers to obtain root access via a telnet session...

CVE-2019-18852

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...

CVE-2019-18852

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...

Hardcoded credentials

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...

CVE-2019-18852

The CVE-2019-18852 entries describe a hardcoded Alphanetworks user account with TELNET access via /etc/config/image_sign or /etc/alpha_config/image_sign, affecting D-Link DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and D...

CVE-2019-18852

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/imagesign or /etc/alphaconfig/imagesign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 for DCN, DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842...