CVE-2018-8898
Last modified
CVE-2018-8898 is a vulnerability of currently unknown severity. A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.. EPSS estimates a 13.28% chance of exploitation in the next 30 days.
Description
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dsl-3782 Firmware | 3.10.0.24 |
References
- http://packetstormsecurity.com/files/147708/D-Link-DSL-3782-Authentication-Bypass.htmlExploit, Third Party Advisory, VDB Entry
- https://www.exploit-db.com/exploits/44657/Exploit, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/147708/D-Link-DSL-3782-Authentication-Bypass.htmlExploit, Third Party Advisory, VDB Entry
- https://www.exploit-db.com/exploits/44657/Exploit, Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-8898?
How severe is CVE-2018-8898?
How do I fix CVE-2018-8898?
Are you affected by CVE-2018-8898?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST