Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-10824

CWE-22Path TraversalCWE-522Insufficiently Protected Credentials5 documents4 sources
Severity
9.8CRITICAL
EPSS
44.0%
top 2.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
8
Dlink Dir-140l FirmwareDlink Dir-640l FirmwareDlink Dwr-111 Firmware+5 more
Timeline
PublishedOct 17
Latest updateMay 13

Description

An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages8 packages

🔴Vulnerability Details

2
GHSA
GHSA-r34g-3qj4-p82w: An issue was discovered on D-Link DWR-116 through 12022-05-13
CVEList
CVE-2018-10824: An issue was discovered on D-Link DWR-116 through 12018-10-17

💥Exploits & PoCs

2
Exploit-DB
D-Link Routers - Plaintext Password2018-10-12
Exploit-DB
D-Link Routers - Directory Traversal2018-10-12
CVE-2018-10824 (CRITICAL CVSS 9.8) | An issue was discovered on D-Link D | cvebase.io