CVSS 9.8 · CRITICAL

CVE-2026-42373

D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches.


Analysis

This vulnerability affects an end-of-life D-Link consumer router and involves a hardcoded telnet backdoor. Although it provides root access, it is specific to legacy hardware firmware that is not part of the modern software development or server infrastructure stack used by this community.

Severity

Score: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-798

EPSS

Probability of exploitation (next 30 days): 0.0012 (0.1%)
Percentile: 31.0%
EPSS: 2026-05-06

Affects

dlink:dir-605l_firmware
dlink:dir-605l


Published: 5/4/2026, 5:16:25 PM
Last modified: 5/6/2026, 12:19:20 PM
