Vulnerability identifier: #VU49092

Vulnerability risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-24579

CWE-ID: CWE-384

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
DSL-2888A
Hardware solutions / Routers for home users

Vendor: D-Link

Description

The vulnerability allows a remote attacker to gain unauthorized access to the device.

The vulnerability exists due to incorrect session management mechanism, which solely relies on the user's IP address. A remote attacker with ability to use the victim's IP address can gain unauthorized access to victim's session, after victim successfully logs in onto the device.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

DSL-2888A: 2.00 - 2.29

---

External links
http://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=28241

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.