By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
Tech News

PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers

By admin 3 Min Read
Share
SHARE

The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.

The D-Link DIR-X4860 router is a high-performance Wi-Fi 6 router capable of speeds of up to 4800 Mbps and advanced features like OFDMA, MU-MIMO, and BSS Coloring that enhance efficiency and reduce interference.

The device is particularly popular in Canada, and it’s sold in the global market according to D-Link’s website, and still actively supported by the vendor.

Today, the SSD Secure Disclosure team of researchers announced that they discovered flaws in DIR-X4860 devices running the latest firmware version, DIRX4860A1_FWV1.04B03, which enables unauthenticated remote command execution (RCE).

“Security vulnerabilities in DIR-X4860 allow remote unauthenticated attackers that can access the HNAP port to gain elevated privileges and run commands as root,” reads SSD’s disclosure.

“By combining an authentication bypass with command execution the device can be completely compromised.”

Accessing the Home Network Administration Protocol (HNAP) port on the D-Link DIR-X4860 router is relatively straightforward in most cases, as it’s usually HTTP (port 80) or HTTPS (port 443) accessible through the router’s remote management interface.

Exploitation process

The SSD analysts have shared step-by-step exploitation instructions for the issues they discovered, making a proof-of-concept (PoC) exploit now publicly available.

The attack begins with a specially crafted HNAP login request to the router’s management interface, which includes a parameter named ‘PrivateLogin’ set to “Username” and a username of “Admin”.

The router responds with a challenge, a cookie, and a public key, and these values are used to generate a valid login password for the “Admin” account.

A follow-up login request with the HNAP_AUTH header and the generated LoginPassword is sent to the target device, essentially bypassing authentication.

Login request that bypasses the authentication step
<strong>Login request that bypasses the authentication step</strong><br /><em>Source: SSD Secure Disclosure</em>

With authenticated access, the attacker then exploits a command injection vulnerability in the ‘SetVirtualServerSettings’ function via a specially crafted request.

The vulnerable ‘SetVirtualServerSettings’ function processes the ‘LocalIPAddress’ parameter without proper sanitization, allowing the injected command to execute in the context of the router’s operating system.

SSD says it has contacted D-Link three times to share its findings with the router maker over the past 30 days, but all attempts to notify them have been unsuccessful, leaving the flaws currently unfixed.

BleepingComputer has also reached out to D-Link with a related request, and we are still waiting for a comment.

Until a security firmware update is made available, users of the DIR-X4860 should disable the device’s remote access management interface to prevent exploitation.

You Might Also Like

Your Delivery Robot Is Here

Samsung Galaxy Tab S11 Review: It’s Time For Something New

How the World’s Largest 3D Object Library By Microsoft & NVIDIA

Oracle links Clop extortion attacks to July 2025 vulnerabilities

Is Social Media the Best Tool for Business Growth?

TAGGED: Authentication Bypass, D-Link, Exploit, Proof of Concept, Remote Command Execution, Router, Vulnerability, Zero-Day
Share This Article
Facebook Twitter Copy Link
Previous Article King Charles Unveils First Official Painted Portrait Since Coronation
Next Article OpenAI’s Chief AI Wizard, Ilya Sutskever, Is Leaving the Company
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Manchester Community Reels From Synagogue Attack
World News
Commerce ministry recommends anti-dumping duty on solar cells from China for 3 yrs
Business
Your Delivery Robot Is Here
Tech News
2025 NFL Odds Week 5: Lines, Spreads for all 14 Games
Sports
Uptober ignites: why $200k is within reach after Bitcoin breaches $120K
Crypto
Barack & Michelle Obama Then & Now: Photos of the Couple Throughout Their Marriage
Celebrity
ARC Raiders Developers Delayed the Game for Three Years Because it Was Not Fun
Gaming News

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Manchester Community Reels From Synagogue Attack

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Manchester Community Reels From Synagogue Attack
October 3, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?