Shodan
Vulnerabilities
Vulnerable Software
Dlink:  >> Dir-600l  >> a1  Security Vulnerabilities
CVE-2026-42375
D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-05-04
CVE-2025-60566
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-10-24
CVE-2025-60565
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60564
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetLog.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60563
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60562
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formWlSiteSurvey.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60561
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEmail.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60559
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetDomainFilter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60558
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formVirtualServ.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60557
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEasy_Wizard.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved