⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2018-6213

CWE-798Hard-coded Credentials4 documents4 sources
Severity
9.8CRITICAL
EPSS
1.2%
top 21.08%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
D-link Dir-620 Firmware
Timeline
PublishedJun 20
Latest updateMay 14

Description

In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDd-link/dir-620_firmware7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-4xfh-7qvx-mp6f: In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 12022-05-14
CVEList
CVE-2018-6213: In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 12018-06-20

🕵️Threat Intelligence

1
Securelist
Backdoors in D-Link’s backyard2018-05-23