CVE-2018-8898
First published: Wed May 23 2018(Updated: )
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dsl-3782 Firmware | =3.10.0.24 | |
| Dlink Dsl-3782 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this flaw?
The vulnerability ID is CVE-2018-8898.
What is the severity level of CVE-2018-8898?
CVE-2018-8898 has a severity level of critical.
Which software is affected by CVE-2018-8898?
The D-Link DSL-3782 router with firmware version 3.10.0.24 is affected by CVE-2018-8898.
What can an unauthenticated attacker do with this vulnerability?
An unauthenticated attacker can perform arbitrary modification (read, write) to passwords and configurations.
Are there any known exploits for CVE-2018-8898?
Yes, there are known exploits for CVE-2018-8898. You can find more information on them in the provided references.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/dlink
- canonical/dlink dsl-3782 firmware
- version/dlink dsl-3782 firmware/3.10.0.24
- canonical/dlink dsl-3782