PT-2018-10008 · Davolink · Davolink Dvw-3200N

Ankit Anubhav

Published

2018-08-01

Updated

2019-10-09

CVE-2018-10618

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Davolink DVW-3200N versions prior to 1.00.06

Description The device generates a weak password hash that can be easily cracked, allowing a remote attacker to obtain the device's password.

Recommendations For versions prior to 1.00.06, update to version 1.00.06 or later to resolve the issue. As a temporary workaround, consider changing the device's password to a strong and unique one, and restrict access to the device until the update is applied.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-916

Related Identifiers

CVE-2018-10618

Affected Products

Davolink Dvw-3200N

PT-2018-10008 · Davolink · Davolink Dvw-3200N

CVE-2018-10618

Weakness Enumeration

Related Identifiers

Affected Products

References · 5