CyberSec.Space Logo
Back to CVE Browser

CVE-2018-8898

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0040%
EPSS Percentile26.59th
PublishedMay 23, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.

Affected Platforms (CPE)

πŸ’»
Dlink

Dsl 3782 Firmware

= 3.10.0.24

References & Advisories

πŸ”— http://packetstormsecurity.com/files/147708/D-Link-DSL-3782-Authentication-Bypass.html
πŸ”— https://www.exploit-db.com/exploits/44657/
πŸ”— http://packetstormsecurity.com/files/147708/D-Link-DSL-3782-Authentication-Bypass.html
πŸ”— https://www.exploit-db.com/exploits/44657/

Related Vulnerabilities

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-100012410.0

I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.p...