Description
D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir605l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches.
Published: 2026-05-04
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The firmware for the D-Link DIR-605L hardware revision A1 contains a telnet daemon that is started automatically at boot through a shell script. The daemon is started with a hardcoded username, "Alphanetworks", and a static password, "wrgn35_dlwbr_dir605l", stored in a configuration file. The custom login binary performs credential validation using a simple string comparison. If the attacker supplies the correct credentials, they are granted a root shell, giving them full administrative control over the device. This flaw corresponds to CWE-798, which pertains to hard‑coded secrets.

Affected Systems

The affected product is the D-Link DIR-605L A1 firmware, which has reached end‑of‑life and will not receive security updates. No other versions or variants are listed in the CNA data.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity. Because the vulnerability is exploited through a local network telnet service, an attacker only needs network access to the device; authentication is not required beyond using the hardcoded credentials. The EPSS metric is not provided, but the lack of a KEV listing suggests no widespread proof‑of‑concept exploitation has yet been observed. Nevertheless, the ability to obtain root privileges is a critical risk, especially for devices in production environments.

Generated by OpenCVE AI on May 4, 2026 at 17:23 UTC.

Remediation

Vendor Workaround

This product is End-of-Life and will NOT receive patches. Users should replace the device. Temporary: connect via backdoor and run "killall telnetd" and "iptables -A INPUT -p tcp --dport 23 -j DROP" (lost on reboot).

OpenCVE Recommended Actions

  • Replace the end‑of‑life D-Link DIR-605L A1 device with a supported replacement that does not contain the hard‑coded backdoor.
  • If replacement is not immediately possible, log in with the backdoor credentials and stop the telnet daemon by running "killall telnetd".
  • Block telnet traffic on port 23 with a firewall rule such as "iptables -A INPUT -p tcp --dport 23 -j DROP" (note that this rule is lost on reboot; consider making it persistent or shutting down the telnet service at startup).

Generated by OpenCVE AI on May 4, 2026 at 17:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 04 May 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-605l Firmware
Vendors & Products D-link
D-link dir-605l Firmware

Mon, 04 May 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 04 May 2026 16:30:00 +0000

Type Values Removed Values Added
Description D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir605l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches.
Title D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials
First Time appeared Dlink
Dlink dir-605l Firmware
Weaknesses CWE-798
CPEs cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-605l Firmware
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

D-link Dir-605l Firmware
Dlink Dir-605l Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: securin

Published:

Updated: 2026-05-04T16:34:06.119Z

Reserved: 2026-04-27T06:21:56.901Z

Link: CVE-2026-42372

cve-icon Vulnrichment

Updated: 2026-05-04T16:33:56.249Z

cve-icon NVD

Status : Received

Published: 2026-05-04T17:16:25.347

Modified: 2026-05-04T17:16:25.347

Link: CVE-2026-42372

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-04T17:30:04Z

Weaknesses