First published: Wed May 23 2018(Updated: )
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dsl-3782 Firmware | =3.10.0.24 | |
Dlink Dsl-3782 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-8898.
CVE-2018-8898 has a severity level of critical.
The D-Link DSL-3782 router with firmware version 3.10.0.24 is affected by CVE-2018-8898.
An unauthenticated attacker can perform arbitrary modification (read, write) to passwords and configurations.
Yes, there are known exploits for CVE-2018-8898. You can find more information on them in the provided references.