CVE-2018-10641

Name of the Vulnerable Software and Affected Versions D-Link DIR-601 version 1.02NA

Description The issue is related to the authentication procedure in the D-Link DIR-601 router, which has shortcomings. This allows a remote attacker to bypass existing security restrictions. The password change process does not require the old password and occurs in cleartext.

Recommendations For D-Link DIR-601 version 1.02NA, consider changing the password using a secure method to minimize the risk of exploitation. As a temporary workaround, restrict remote access to the device until a more secure authentication procedure is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.