Vulnerability identifier: #VU49092
Vulnerability risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-384 (Session Fixation)
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
DSL-2888A
Hardware solutions /
Routers for home users
Vendor: D-Link
Description
The vulnerability allows a remote attacker to gain unauthorized access to the device.
The vulnerability exists because the device's session management relies solely on the client's IP address rather than on a session token or cookie: once an administrator has logged in, every subsequent request arriving from that IP address is treated as part of the authenticated session. A remote attacker who can send requests that reach the device from the victim's IP address (for example, a host behind the same NAT gateway, whose traffic arrives with the same source address) can take over the victim's session after the victim has successfully logged in to the device, without knowing the credentials.
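To make the failure mode concrete, the following added example (constructed for this page, not code from the D-Link firmware or from the Trustwave advisory) models a router web interface with two in-memory session stores: one that keys the session on the source IP address alone, as described above, and one that issues a random token as a cookie, binds it to the issuing IP and expires it after an idle timeout. The credentials, addresses and the `SESSION_TTL` value are invented for the demonstration.

```python
"""IP-only session tracking versus token-based sessions (constructed example)."""
import secrets
import time
from dataclasses import dataclass

ADMIN_IP = "203.0.113.10"   # constructed: address shared by victim and attacker (same NAT)
SESSION_TTL = 600            # hypothetical idle timeout in seconds
CREDENTIALS = ("admin", "hunter2")   # constructed credentials for the demo


class IpOnlySessionStore:
    """Vulnerable pattern: the session key is the client's IP address."""

    def __init__(self):
        self._logged_in_ips = set()

    def login(self, client_ip, username, password):
        if (username, password) != CREDENTIALS:
            return False
        self._logged_in_ips.add(client_ip)
        return True

    def is_authenticated(self, client_ip, cookies):
        # Any request from a logged-in IP is accepted; cookies are never consulted.
        return client_ip in self._logged_in_ips


@dataclass
class Session:
    ip: str          # address the token was issued to
    expires: float   # absolute expiry time


class TokenSessionStore:
    """Hardened pattern: a 256-bit random token identifies the session, is bound
    to the IP it was issued to, and expires after SESSION_TTL seconds."""

    def __init__(self, now=time.time):
        self._now = now            # injectable clock so expiry can be tested
        self._sessions = {}

    def login(self, client_ip, username, password):
        if (username, password) != CREDENTIALS:
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = Session(client_ip, self._now() + SESSION_TTL)
        return token   # caller sends this as an HttpOnly cookie named SESSIONID

    def is_authenticated(self, client_ip, cookies):
        token = cookies.get("SESSIONID")
        sess = self._sessions.get(token) if token else None
        if sess is None:
            return False
        if self._now() > sess.expires:
            del self._sessions[token]   # expired: drop it and reject
            return False
        # Binding to the issuing IP stops a stolen token from being replayed elsewhere.
        return sess.ip == client_ip

    def logout(self, cookies):
        self._sessions.pop(cookies.get("SESSIONID"), None)


def demo():
    """Victim logs in from ADMIN_IP; the attacker then sends a cookie-less request
    from the same address. Returns (attacker passes IP-only check,
    attacker passes token check, victim passes token check)."""
    vuln = IpOnlySessionStore()
    vuln.login(ADMIN_IP, *CREDENTIALS)
    attacker_passes_vuln = vuln.is_authenticated(ADMIN_IP, {})

    fixed = TokenSessionStore()
    token = fixed.login(ADMIN_IP, *CREDENTIALS)
    attacker_passes_fixed = fixed.is_authenticated(ADMIN_IP, {})
    victim_passes_fixed = fixed.is_authenticated(ADMIN_IP, {"SESSIONID": token})
    return attacker_passes_vuln, attacker_passes_fixed, victim_passes_fixed


if __name__ == "__main__":
    print(demo())   # (True, False, True)
```

The IP-only store accepts the attacker's request because nothing distinguishes it from the victim's; the token store rejects it because the attacker never received the token. Binding the token to the issuing address is a design choice that trades roaming convenience for resistance to token replay, and the idle timeout limits how long a leaked or abandoned session stays usable.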
Mitigation
Install updates from the vendor's website. Until the update is applied, limit where the web interface can be reached from (for example, disable remote management on the WAN side) and log out when finished, since a session that is bound only to an IP address remains usable by anyone sharing that address until it ends.
Vulnerable software versions
DSL-2888A: 2.00 - 2.29
External links
http://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=28241
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet, provided the attacker's requests reach the device from the victim's IP address (reflected in the CVSS AC:H rating).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.