Main Vulnerability Database SB2018110508

SB2018110508 - Multiple vulnerabilities in D-Link DIR-620

Published: November 5, 2018

Security Bulletin ID SB2018110508

Severity

High

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2018–12419)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to part of the config-file is stored in JavaScript variable. A remote attacker in the web dashboard can access sensitive information (for example, user’s password for their Internet connection).

2) Use of hardcoded credentials (CVE-ID: CVE-2018–12676)

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to the credentials for web dashboard are hardcoded for ISP support purposes. A remote attacker can gain privileged access to the router’s dashboard and execute arbitrary code.

Remediation

Install update from vendor's website.

References

https://medium.com/@makrushin/backdoors-in-d-links-backyard-part-2-multiple-vulnerabilities-in-d-lin...