Published: 21/12/2018 Updated: 24/08/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated malicious users to discover admin credentials.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dlink dsl-2770l_firmware me_1.06
dlink dsl-2770l_firmware me_1.02
dlink dsl-2770l_firmware me_1.01
dlink dir-140l_firmware 1.02
dlink dir-140l_firmware 1.01ru
dlink dir-140l_firmware 1.00
dlink dir-640l_firmware 1.02
dlink dir-640l_firmware 1.01ru
dlink dir-640l_firmware 1.00
dlink dwr-116_firmware 2.01
dlink dwr-116_firmware 1.03
dlink dwr-116_firmware 1.05
dlink dwr-116_firmware 2.02
dlink dwr-512_firmware 1.03
dlink dwr-512_firmware 1.05
dlink dwr-512_firmware 2.01
dlink dwr-512_firmware 2.02
dlink dwr-555_firmware 1.03
dlink dwr-555_firmware 1.05
dlink dwr-555_firmware 2.01
dlink dwr-555_firmware 2.02
dlink dwr-921_firmware 1.03
dlink dwr-921_firmware 1.05
dlink dwr-921_firmware 2.01
dlink dwr-921_firmware 2.02

D-Link DSL-2770L, DIR-140L, DIR-640L, DWR-116, DWR-512, DWR-555, and DWR-921 all suffer from an administrative credential disclosure vulnerability ...

Full Disclosure mailing list archives   By Date By Thread </form>    [CVE-2018-18008] spaceshtm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to disco ...

CWE-798 http://seclists.org/fulldisclosure/2018/Dec/45 http://www.securityfocus.com/bid/106344 https://nvd.nist.gov https://packetstormsecurity.com/files/150879/D-Link-DSL-2770L-DIR-140L-DIR-640L-Credential-Disclosure.html

CVE-2018-18008

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect