First published: Tue Oct 09 2018(Updated: )
An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. One can bypass authentication mechanisms to download the configuration file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
D-link Dir-809 A1 Firmware | <=1.09 | |
D-link Dir-809 A2 Firmware | <=1.11 | |
D-link Dir-809 Guestzone Firmware | <=1.09 | |
Dlink Dir-809 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-14080 is a vulnerability discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices, which allows bypassing authentication mechanisms to download the configuration file.
CVE-2018-14080 affects D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices by allowing an attacker to bypass authentication mechanisms and download the configuration file.
CVE-2018-14080 has a severity rating of 7.5 (high).
To fix CVE-2018-14080, it is recommended to update the firmware of your D-Link DIR-809 A1, A2, and Guest Zone devices to versions 1.10, 1.12, and 1.10 respectively.
You can find more information about CVE-2018-14080 on the Nivel4 blog at [https://blog.nivel4.com/investigaciones/nuevas-vulnerabilidades-en-router-d-link-permiten-tomar-control-remoto-del-dispositivo/](https://blog.nivel4.com/investigaciones/nuevas-vulnerabilidades-en-router-d-link-permiten-tomar-control-remoto-del-dispositivo/)