PT-2019-4116 · D-Link · Dir-890L+6
Published 2019-11-02 · Updated 2020-08-24 · CVE-2019-18852
CVSS v3.1: 10 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-600 B1 version V2.01
D-Link DIR-890L A1 version v1.03
D-Link DIR-615 J1 version v100
D-Link DIR-645 A1 version v1.03
D-Link DIR-815 A1 version v1.01
D-Link DIR-823 A1 version v1.01
D-Link DIR-842 C1 version v3.00
Description
The issue is a hardcoded Alphanetworks user account with TELNET access in certain D-Link devices, resulting from the configuration files /etc/config/image_sign or /etc/alpha_config/image_sign. This could allow a remote attacker to elevate their privileges.
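As an added defender's check that is not part of this advisory: a POSIX shell helper that, given a firmware root filesystem already unpacked into a directory (assumed to have been done beforehand with a firmware extraction tool), reports the indicators the description names. The two file paths and the account name come from the advisory; the init-script location and the image layout are assumptions.

```shell
#!/bin/sh
# Firmware audit helper (added example, not from the advisory or D-Link).
# Usage: audit_rootfs /path/to/unpacked/rootfs
# Exit status = number of indicators found, so non-zero means "review this image".

audit_rootfs() {
    root="$1"
    findings=0

    # 1. The configuration files the advisory associates with the account.
    for f in etc/config/image_sign etc/alpha_config/image_sign; do
        if [ -f "$root/$f" ]; then
            echo "FOUND: /$f (file named in CVE-2019-18852)"
            findings=$((findings + 1))
        fi
    done

    # 2. The hardcoded account present in the password database.
    for f in etc/passwd etc/shadow; do
        if [ -f "$root/$f" ] && grep -q '^Alphanetworks:' "$root/$f"; then
            echo "FOUND: Alphanetworks account in /$f"
            findings=$((findings + 1))
        fi
    done

    # 3. Startup files that launch telnetd, the exposure path for the account.
    #    (Assumption: startup scripts live somewhere under /etc.)
    if [ -d "$root/etc" ] && grep -rl 'telnetd' "$root/etc" 2>/dev/null | grep -q .; then
        echo "FOUND: telnetd referenced in /etc startup files"
        findings=$((findings + 1))
    fi

    echo "indicators: $findings"
    return "$findings"
}
```

A clean image returns 0; run it against each extracted firmware version before deployment and after vendor updates.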
Recommendations
For D-Link DIR-600 B1 version V2.01, consider disabling TELNET access until a patch is available.
For D-Link DIR-890L A1 version v1.03, restrict access to the /etc/config/image_sign and /etc/alpha_config/image_sign configuration files.
For D-Link DIR-615 J1 version v100, avoid using the hardcoded Alphanetworks user account.
For D-Link DIR-645 A1 version v1.03, change the default credentials to prevent unauthorized access.
For D-Link DIR-815 A1 version v1.01, limit remote access to the device.
For D-Link DIR-823 A1 version v1.01, disable the vulnerable user account.
For D-Link DIR-842 C1 version v3.00, apply configuration changes to prevent privilege escalation.
Exploit
Fix
Cleartext Transmission of Sensitive Information
Using Hardcoded Credentials
Related identifiers
Affected products
Dir-600M
Dir-615
Dir-645
Dir-815
Dir-823
Dir-842
Dir-890L