CVE-2018-18442
First published: Thu Dec 20 2018(Updated: )
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN flooding, UDP flooding, ICMP flooding, and SYN-ACK flooding.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-link Dcs-825l Firmware | =1.08 | |
| Dlink Dcs-825l |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-18442?
CVE-2018-18442 is a vulnerability that impacts D-Link DCS-825L devices with firmware 1.08.
What is the severity of CVE-2018-18442?
CVE-2018-18442 has a severity rating of 7.5 (high).
How does CVE-2018-18442 affect D-Link DCS-825L devices?
CVE-2018-18442 allows an attacker to perform a denial-of-service (DoS) attack, which can disrupt the availability of live-online video/audio streaming on D-Link DCS-825L devices.
How can an attacker exploit CVE-2018-18442?
An attacker can exploit CVE-2018-18442 by using the hping3 tool to perform an IPv4 flood attack on vulnerable D-Link DCS-825L devices.
Is there a fix for CVE-2018-18442?
Currently, there is no known fix or patch available for CVE-2018-18442. It is recommended to contact D-Link for further information and updates regarding this vulnerability.
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/event
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- agent/tags
- agent/type
- vendor/d-link
- canonical/d-link dcs-825l firmware
- version/d-link dcs-825l firmware/1.08
- vendor/dlink
- canonical/dlink dcs-825l