This page lists publicly disclosed CVE vulnerabilities affecting dlink dir-600l_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-42375 | D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with fu | 33c584b5-0579-4c06-b2a0-8d8329fcab9c | 9.8 | 0.47% | 2026-05-04 | 2026-06-17 |
| CVE-2026-42374 | D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with fu | 33c584b5-0579-4c06-b2a0-8d8329fcab9c | 9.8 | 0.47% | 2026-05-04 | 2026-06-17 |
| CVE-2025-60566 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter. | [email protected] | 7.5 | 0.38% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60565 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60564 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetLog. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60563 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60562 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formWlSiteSurvey. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60561 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEmail. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60559 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetDomainFilter. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60558 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formVirtualServ. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60557 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEasy_Wizard. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60556 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWizard1. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60555 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWizardSelectMode. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60554 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEnableWizard. | [email protected] | 9.8 | 0.38% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60553 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard52. | [email protected] | 9.8 | 0.38% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60552 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formTcpipSetup. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60551 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the next_page parameter in the function formDeviceReboot. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60550 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60549 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAutoDetecWAN_wizard4. | [email protected] | 7.5 | 0.30% | 2025-10-24 | 2026-06-17 |
| CVE-2025-60548 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings. | [email protected] | 9.8 | 0.38% | 2025-10-24 | 2026-06-17 |