CVE-2018-10824

Name of the Vulnerable Software and Affected Versions D-Link DWR-116 versions 1.06 and earlier D-Link DIR-140L versions 1.02 and earlier D-Link DIR-640L versions 1.02 and earlier D-Link DWR-512 versions 2.02 and earlier D-Link DWR-712 versions 2.02 and earlier D-Link DWR-912 versions 2.02 and earlier D-Link DWR-921 versions 2.02 and earlier D-Link DWR-111 versions 1.01 and earlier

Description The issue concerns the storage of administrative passwords in plaintext in the /tmp/csman/0 file. An attacker with directory traversal or Local File Inclusion (LFI) capabilities can easily gain full access to the router. This allows a remote attacker to potentially gain full control over the device.

Recommendations For D-Link DWR-116 versions 1.06 and earlier, update the firmware to remove the plaintext password storage. For D-Link DIR-140L versions 1.02 and earlier, update the firmware to remove the plaintext password storage. For D-Link DIR-640L versions 1.02 and earlier, update the firmware to remove the plaintext password storage. For D-Link DWR-512 versions 2.02 and earlier, update the firmware to remove the plaintext password storage. For D-Link DWR-712 versions 2.02 and earlier, update the firmware to remove the plaintext password storage. For D-Link DWR-912 versions 2.02 and earlier, update the firmware to remove the plaintext password storage. For D-Link DWR-921 versions 2.02 and earlier, update the firmware to remove the plaintext password storage. For D-Link DWR-111 versions 1.01 and earlier, update the firmware to remove the plaintext password storage. As a temporary workaround, consider restricting access to the /tmp/csman/0 file to minimize the risk of exploitation.