PT-2019-4116 · D-Link · DIR-890L +6

Published

2019-11-02

·

Updated

2020-08-24

·

CVE-2019-18852

CVSS v3.1

10

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

D-Link DIR-600 B1 version V2.01
D-Link DIR-890L A1 version v1.03
D-Link DIR-615 J1 version v100
D-Link DIR-645 A1 version v1.03
D-Link DIR-815 A1 version v1.01
D-Link DIR-823 A1 version v1.01
D-Link DIR-842 C1 version v3.00
Description

The listed D-Link devices ship with a hardcoded user account named Alphanetworks that has Telnet access. The credential for that account is taken from the firmware configuration file /etc/config/image_sign or /etc/alpha_config/image_sign, so it is the same on every device running the same firmware image and cannot be changed by the owner through the device's interface. A remote attacker who can reach the Telnet service needs no other credentials and no user interaction to log in as this account and obtain privileged access to the device.
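As an added example (not code from the advisory or from D-Link), the following Python script audits an extracted firmware root filesystem for this weakness class: it looks for the image_sign files named above and for an init script that hands a fixed user:password pair to telnetd, then resolves the password against the file contents. The sample rootfs layout, the init-script name S80telnetd.sh and the `-u Alphanetworks:$image_sign` launch form are assumptions about how the account is wired into the firmware; the sample filesystem is constructed inline so the script runs offline.

```python
"""Firmware-image triage for a hardcoded Telnet account (CVE-2019-18852 class).

Added example, not D-Link's or the advisory's code. Assumptions: the firmware
root filesystem has already been extracted to a directory (for example with
binwalk); the credential lives in /etc/config/image_sign or
/etc/alpha_config/image_sign (both named in the advisory); and an rc/init
script starts telnetd with a literal "user:password" argument to -u
(assumed launch form, typical of Alpha Networks-derived firmware).
"""
from __future__ import annotations

import re
import tempfile
from pathlib import Path

# Credential source files named in the advisory.
IMAGE_SIGN_PATHS = ("etc/config/image_sign", "etc/alpha_config/image_sign")

# Assumed launch form:  telnetd -l /usr/sbin/login -u Alphanetworks:$image_sign
# Captures the user and the password, which may be a literal or a shell variable.
TELNETD_CRED_RE = re.compile(r"telnetd\b[^\n]*?-u\s+([A-Za-z0-9_]+):(\S+)")


def read_image_sign(rootfs: Path) -> dict[str, str]:
    """Return {relative path: signature string} for each image_sign file present."""
    found = {}
    for rel in IMAGE_SIGN_PATHS:
        p = rootfs / rel
        if p.is_file():
            found[rel] = p.read_text(errors="replace").strip()
    return found


def find_telnetd_credentials(rootfs: Path) -> list[dict]:
    """Scan etc/init* and etc/rc* scripts for telnetd started with -u user:pass."""
    hits = []
    for script in sorted(rootfs.rglob("*")):
        if not script.is_file():
            continue
        rel = script.relative_to(rootfs).as_posix()
        if not (rel.startswith("etc/init") or rel.startswith("etc/rc")):
            continue
        for m in TELNETD_CRED_RE.finditer(script.read_text(errors="replace")):
            hits.append({"script": rel, "user": m.group(1), "password": m.group(2)})
    return hits


def audit_rootfs(rootfs: Path) -> dict:
    """Combine both checks. 'vulnerable' is True only when an init script passes a
    fixed account to telnetd AND the credential source file exists in the image."""
    signs = read_image_sign(rootfs)
    resolved = []
    for cred in find_telnetd_credentials(rootfs):
        pw = cred["password"]
        if pw.startswith("$"):
            # Resolve "$image_sign" / "${image_sign}" against the matching file.
            var = pw.strip("${}")
            for rel, value in signs.items():
                if rel.endswith("/" + var):
                    pw = value
        resolved.append({**cred, "password": pw})
    return {"image_sign": signs, "telnetd": resolved,
            "vulnerable": bool(resolved) and bool(signs)}


def build_sample_rootfs(hardcoded: bool = True) -> Path:
    """Constructed sample rootfs, not a real firmware dump. With hardcoded=False
    the init script starts telnetd without a fixed account (the fixed case)."""
    root = Path(tempfile.mkdtemp(prefix="rootfs-"))
    (root / "etc/config").mkdir(parents=True)
    (root / "etc/config/image_sign").write_text("example-image-signature\n")
    (root / "etc/init0.d").mkdir(parents=True)
    launch = ("telnetd -l /usr/sbin/login -u Alphanetworks:$image_sign &\n"
              if hardcoded else "telnetd -l /usr/sbin/login &\n")
    (root / "etc/init0.d/S80telnetd.sh").write_text(
        "#!/bin/sh\nimage_sign=`cat /etc/config/image_sign`\n" + launch)
    return root


if __name__ == "__main__":
    for flag in (True, False):
        print(audit_rootfs(build_sample_rootfs(hardcoded=flag)))
```

On a real image, point `audit_rootfs` at the directory binwalk produced; a hit with `vulnerable` True means the Telnet service accepts a credential that is fixed for every unit running that firmware.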
Recommendations

The weakness is the same on all seven listed models, so the same measures apply to each. Install a D-Link firmware release that removes the hardcoded account if one is available for the model. Where none is, disable the Telnet service if the device allows it, make sure Telnet is not reachable from the WAN or from untrusted network segments, and restrict management access to a trusted administrative network. Changing the administrator password does not help: the Alphanetworks account is separate from the web interface credentials and is fixed in the firmware image, so only a firmware change removes it. Before deploying a firmware image, check it for /etc/config/image_sign or /etc/alpha_config/image_sign together with a Telnet service that uses the Alphanetworks account.

Weakness Enumeration

Cleartext Transmission of Sensitive Information (CWE-319)
Using Hardcoded Credentials (CWE-798)

Related Identifiers

BDU:2019-04687
CVE-2019-18852

Affected Products

DIR-600M
DIR-615
DIR-645
DIR-815
DIR-823
DIR-842
DIR-890L