Authentication Bypass Vulnerability in D-Link Routers
CVE-2018-20675

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-822 Firmware
Vendor: CVE Published:; 9 January 2019

What is CVE-2018-20675?

Certain D-Link router models have been found to be susceptible to an authentication bypass vulnerability, allowing unauthorized access to device features. Specifically, the DIR-822 C1, DIR-822-US C1, DIR-850L (versions A* and B*), and DIR-880L A* devices before specific firmware updates are affected. Users are urged to upgrade their firmware to mitigate security risks and ensure device integrity.

References

https://securityadvisories.dlink.com/announcement/publica...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 9, 2019