D-Link Router RCE Vulnerabilities
Three vulnerabilities have been disclosed in D-Link's range of small office/home office wireless routers, which an authenticated attacker could exploit.
This content has been archived
This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk
Summary
Three vulnerabilities have been disclosed in D-Link's range of small office/home office wireless routers, which an authenticated attacker could exploit.
Affected platforms
The following platforms are known to be affected:
Accu-Chek Inform II
D-Link wireless routers:
- DWR-111 - Firmware versions 1.01 and earlier
- DWR-116 - Firmware versions 1.06 and earlier
- DWR-512 - Firmware versions 2.02 and earlier
- DWR-712 - Firmware versions 2.02 and earlier
- DWR-912 - Firmware versions 2.02 and earlier
- DWR-921 - Firmware versions 2.02 and earlier
- DIR-140L - Firmware versions 1.02 and earlier
- DIR-640L - Firmware versions 1.02 and earlier
Threat details
These vulnerabilities could be used to remotely execute arbitrary code on affected devices.
The three vulnerabilities are as follows:
- CVE-2018-10822 - A vulnerability in the web interface of D-Link routers allows for directory traversal. This vulnerability was believed to have been patched in 2017 (CVE-2017-6190).
- CVE-2018-10823 - Login credentials, stored as plaintext, can be easily retrieved by an authenticated user. A proof-of-concept exploit for this has already been observed in the wild.
- CVE-2018-10824 - Admin passwords are stored as plaintext in the temporary folder.
For further information:
Remediation steps
CVE Vulnerabilities
Last edited: 17 February 2020 12:41 pm