What is CVE-2018-12103?

CVE-2018-12103 is a vulnerability discovered on D-Link DIR-890L, DIR-885L/R, and DIR-895L/R routers with specific firmware versions.

How severe is CVE-2018-12103?

CVE-2018-12103 has a severity rating of 6.5 out of 10, which is considered medium.

Which devices are affected by CVE-2018-12103?

D-Link DIR-890L, DIR-885L/R, and DIR-895L/R routers are affected by CVE-2018-12103 with specific firmware versions.

What is the impact of CVE-2018-12103?

CVE-2018-12103 allows an attacker to bypass CAPTCHA authentication and gain unauthorized access to the router's administration interface.

How can I fix CVE-2018-12103?

To mitigate CVE-2018-12103, update your router's firmware to a version that addresses the vulnerability.

Vulnerability/
CVE-2018-12103

medium

6.5

CWE

863

5/7/2018

5/8/2024

CVE-2018-12103

First published: Thu Jul 05 2018(Updated: )

An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 and earlier, DIR-885L/R with firmware 1.21B03beta01 and earlier, and DIR-895L/R with firmware 1.21B04beta04 and earlier devices (all hardware revisions). Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Dlink Dir-890l Firmware	<=1.21b02beta01
Dlink Dir-890l
D-link Dir-885l\/r Firmware	<=1.21b03beta01
D-link Dir-885\/r
D-link Dir-895l\/r Firmware	<=1.21b04beta01
D-link Dir-895\/r

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-12103?
CVE-2018-12103 is a vulnerability discovered on D-Link DIR-890L, DIR-885L/R, and DIR-895L/R routers with specific firmware versions.
How severe is CVE-2018-12103?
CVE-2018-12103 has a severity rating of 6.5 out of 10, which is considered medium.
Which devices are affected by CVE-2018-12103?
D-Link DIR-890L, DIR-885L/R, and DIR-895L/R routers are affected by CVE-2018-12103 with specific firmware versions.
What is the impact of CVE-2018-12103?
CVE-2018-12103 allows an attacker to bypass CAPTCHA authentication and gain unauthorized access to the router's administration interface.
How can I fix CVE-2018-12103?
To mitigate CVE-2018-12103, update your router's firmware to a version that addresses the vulnerability.

collector/nvd-index
agent/event
agent/weakness
agent/severity
agent/references
agent/author
agent/tags
agent/type
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/dlink
canonical/dlink dir-890l firmware
version/dlink dir-890l firmware/1.21b02beta01
canonical/dlink dir-890l
vendor/d-link
canonical/d-link dir-885l\/r firmware
version/d-link dir-885l\/r firmware/1.21b03beta01
canonical/d-link dir-885\/r
canonical/d-link dir-895l\/r firmware
version/d-link dir-895l\/r firmware/1.21b04beta01
canonical/d-link dir-895\/r

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.