CVE-2023-32145

Name of the Vulnerable Software and Affected Versions D-Link DAP-1360 (affected versions not specified) D-Link DAP-2020 (affected versions not specified)

Description This issue allows network-adjacent attackers to bypass authentication on affected installations of D-Link routers. The specific flaw exists within the processing of login requests to the web-based user interface, where the firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. The vulnerability is related to the use of hardcoded credentials in the firmware of D-Link wireless access points.

Recommendations For D-Link DAP-1360, consider changing the default credentials to custom ones as a temporary workaround. For D-Link DAP-2020, consider changing the default credentials to custom ones as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this vulnerability.