PT-2018-2564 · D Link · Dir-822+3
Henry Huang
·
Published
2018-11-01
·
Updated
2021-04-23
·
CVE-2018-20675
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-822 C1 versions prior to v3.11B01Beta
D-Link DIR-822-US C1 versions prior to v3.11B01Beta
D-Link DIR-850L A* versions prior to v1.21B08Beta
D-Link DIR-850L B* versions prior to v2.22B03Beta
D-Link DIR-880L A* versions prior to v1.20B02Beta
Description
The issue is related to weaknesses in the authentication procedure of D-Link router software. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations
For D-Link DIR-822 C1 versions prior to v3.11B01Beta, update to v3.11B01Beta or later.
For D-Link DIR-822-US C1 versions prior to v3.11B01Beta, update to v3.11B01Beta or later.
For D-Link DIR-850L A* versions prior to v1.21B08Beta, update to v1.21B08Beta or later.
For D-Link DIR-850L B* versions prior to v2.22B03Beta, update to v2.22B03Beta or later.
For D-Link DIR-880L A* versions prior to v1.20B02Beta, update to v1.20B02Beta or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dir-822
Dir-822-Us
Dir-850L
Dir-880L