BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

D-Link DAP 1522 Hardcoded Telnet Credentials

Disclosed November 27, 2013    Zeroday : 239 days

Vulnerability Description:

The default configuration of the device permits logging into it via the telnet service with hardcoded credentials.

Vendors:

D-Link

Vulnerable Software/Devices:

D-Link DAP 1522 firmware and possibly other versions

Vulnerability Severity:

High

Exploit Availability:

Publicly Available

Exploit Impact:

Security Bypass
This vulnerability allows an attacker to bypass certain security restrictions on the system, allowing the attacker to gain unauthorized access to the system.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 31711 - D-Link DAP 1522 Hardcoded Telnet Credentials (Zero-Day)

Mitigation:

Disable telnet on affected devices. If telnet is required, block public access to the port used by the telnet service.

Links:

CVE(s):

None