lolcreds

Public credential defaults and exposure patterns for authorized security testing.

D-Link DIR-605L / DIR-600L / DIR-456U EOL Routers

D-Linknetwork9 credentials5 default credentials

Credentials9 documented
01

Web Administration Password

d-link-eol-routers / web-admin-password

D-Link DIR-series routers expose a browser-based administration interface for configuring Internet, wireless, firewall, and management settings. The administrator credential protects the router web UI and management flows; it is deployment-specific and should be changed from any initial setup value. Treat credentials recovered from configuration backups or device storage as sensitive administrative credentials.

generated on installuser definedsecretusername/password

Location

public interface
http://192.168.0.1/

Local router web administration interface commonly used by D-Link DIR routers

public interface
http://dlinkrouter.local/

Local setup and management hostname used by supported D-Link router firmware

config file

Router configuration exports, nvram/config partitions, and web-management account settings

secret store

Password managers, deployment records, ISP/customer handoff notes, and asset-management vaults

image

Firmware images or extracted filesystem/config partitions containing account defaults or hashes

logs

Setup logs, browser autofill stores, helpdesk notes, and support bundles may expose admin credentials

Notes

Do not infer a universal D-Link admin default from examples or old manuals. Model, hardware revision, firmware build, region, ISP customization, and prior setup can change the effective web-admin credential.

02

Wireless WPA/WPA2 Pre-Shared Key

d-link-eol-routers / wireless-pre-shared-key

These routers store wireless network names and WPA/WPA2 pre-shared keys for the LAN WLAN. The Wi-Fi password may be user-defined during setup, printed on a device label for some hardware/ISP variants, or preserved in configuration backups and support bundles.

generated on installuser definedsecretpassword

Location

public interface
Wireless / Wi-Fi setup page

Router web UI pages that display or update SSID and WPA/WPA2 key material

config file

Router configuration backup files and wireless configuration stored in nvram/config partitions

image

Factory firmware or extracted device filesystems containing wireless default-generation artifacts

secret store

Password managers, asset inventories, ISP install records, and endpoint Wi-Fi profiles

logs

Support bundles, screenshots, setup logs, and helpdesk tickets can expose Wi-Fi keys

Notes

Only record a literal Wi-Fi default when it is tied to a specific device label, firmware build, ISP image, or vendor/advisory source. Do not generalize examples across D-Link models.

03

WAN / ISP Access Credentials

d-link-eol-routers / wan-isp-credentials

D-Link router configurations can contain credentials used for WAN access, including PPPoE/PPTP/L2TP usernames and passwords supplied by an ISP or administrator. Exposure of these values can allow account misuse or unauthorized network access depending on provider controls.

user definedsecretusername/password

Location

public interface
Internet / WAN setup page

Router web UI pages for PPPoE, PPTP, L2TP, or ISP-specific WAN authentication

config file

Router configuration backup files and WAN configuration stored in nvram/config partitions

secret store

ISP customer records, installation notes, password managers, and network asset vaults

logs

PPP/authentication troubleshooting logs, support bundles, screenshots, and helpdesk notes

Notes

These are customer/ISP-defined credentials, not static product defaults. They are included because router backup files and management interfaces are common places to encounter operational credentials during assessment.

04

Remote Management / Cloud Service Secret

d-link-eol-routers / remote-management-service-secret

Some D-Link DIR firmware families support remote-management or cloud management features. Associated tokens, account passwords, device pairing secrets, or service credentials may be present in configuration exports, firmware filesystems, application state, or support records when those features are enabled.

generated on installuser definedsecretsecret value

Location

public interface
Remote management / cloud management setup pages

Router web UI or companion-app flows for enabling remote administration

config file

Router configuration backups, nvram/config partitions, and cloud-management settings

secret store

Password managers, D-Link/cloud account records, mobile OS credential stores, and MDM backups

image

Firmware images and extracted filesystems containing service endpoints or fallback secrets

logs

Pairing logs, mobile app diagnostics, support bundles, and cloud troubleshooting records

Notes

Include concrete token formats or literal defaults only when a vendor doc, firmware finding, CVE, or advisory identifies them for a specific model and build.

05

DIR-605L A1 Hardcoded Telnet Backdoor

d-link-eol-routers / dir-605l-a1-telnet-backdoor

D-Link DIR-605L hardware revision A1 starts a telnet daemon at boot via /bin/telnetd.sh using a hardcoded username and password read from /etc/alpha_config/image_sign. Successful authentication grants a root shell with full administrative control on the EOL device.

static defaultundocumentedsecretusername/password

Default credentials

Alphanetworks:wrgn35_dlwbr_dir605l

Location

config file
/etc/alpha_config/image_sign

Firmware file containing the static password used by telnetd startup

config file
/bin/telnetd.sh

Boot/startup script that launches telnetd with the hardcoded credential

public interface
telnet

Telnet login grants root shell after successful authentication

image

EOL DIR-605L A1 firmware image containing the backdoor files

Notes

Tracked as CVE-2026-42372. The device is End-of-Life and is not expected to receive patches.

06

DIR-605L B2 Hardcoded Telnet Backdoor

d-link-eol-routers / dir-605l-b2-telnet-backdoor

D-Link DIR-605L hardware revision B2 starts a telnet daemon at boot via /bin/telnetd.sh using a hardcoded username and password read from /etc/alpha_config/image_sign. Successful authentication grants a root shell with full administrative control on the EOL device.

static defaultundocumentedsecretusername/password

Default credentials

Alphanetworks:wrgn76_dlwbr_dir605L

Location

config file
/etc/alpha_config/image_sign

Firmware file containing the static password used by telnetd startup

config file
/bin/telnetd.sh

Boot/startup script that launches telnetd with the hardcoded credential

public interface
telnet

Telnet login grants root shell after successful authentication

image

EOL DIR-605L B2 firmware image containing the backdoor files

Notes

Tracked as CVE-2026-42373. The device is End-of-Life and is not expected to receive patches.

07

DIR-600L B1 Hardcoded Telnet Backdoor

d-link-eol-routers / dir-600l-b1-telnet-backdoor

D-Link DIR-600L hardware revision B1 starts a telnet daemon at boot via /bin/telnetd.sh using a hardcoded username and password read from /etc/alpha_config/image_sign. Successful authentication grants a root shell with full administrative control on the EOL device.

static defaultundocumentedsecretusername/password

Default credentials

Alphanetworks:wrgn61_dlwbr_dir600L

Location

config file
/etc/alpha_config/image_sign

Firmware file containing the static password used by telnetd startup

config file
/bin/telnetd.sh

Boot/startup script that launches telnetd with the hardcoded credential

public interface
telnet

Telnet login grants root shell after successful authentication

image

EOL DIR-600L B1 firmware image containing the backdoor files

Notes

Tracked as CVE-2026-42374. The device is End-of-Life and is not expected to receive patches.

08

DIR-600L A1 Hardcoded Telnet Backdoor

d-link-eol-routers / dir-600l-a1-telnet-backdoor

D-Link DIR-600L hardware revision A1 starts a telnet daemon at boot via /bin/telnetd.sh using a hardcoded username and password read from /etc/alpha_config/image_sign. Successful authentication grants a root shell with full administrative control on the EOL device.

static defaultundocumentedsecretusername/password

Default credentials

Alphanetworks:wrgn35_dlwbr_dir600l

Location

config file
/etc/alpha_config/image_sign

Firmware file containing the static password used by telnetd startup

config file
/bin/telnetd.sh

Boot/startup script that launches telnetd with the hardcoded credential

public interface
telnet

Telnet login grants root shell after successful authentication

image

EOL DIR-600L A1 firmware image containing the backdoor files

Notes

Tracked as CVE-2026-42375. The device is End-of-Life and is not expected to receive patches.

09

DIR-456U A1 Hardcoded Telnet Backdoor

d-link-eol-routers / dir-456u-a1-telnet-backdoor

D-Link DIR-456U hardware revision A1 starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh using a hardcoded username and password read from /etc/config/image_sign. Successful authentication grants a root shell with full administrative control on the EOL device.

static defaultundocumentedsecretusername/password

Default credentials

Alphanetworks:whdrv01_dlob_dir456U

Location

config file
/etc/config/image_sign

Firmware file containing the static password used by telnetd startup

config file
/etc/init0.d/S80telnetd.sh

Boot/startup script that launches telnetd with the hardcoded credential

public interface
telnet

Telnet login grants root shell after successful authentication

image

EOL DIR-456U A1 firmware image containing the backdoor files

Notes

Tracked as CVE-2026-42376. The device is End-of-Life and is not expected to receive patches.

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.