Authentication Bypass in D-Link DIR-601 B1 Devices
CVE-2018-5708

8HIGH

Key Information:

Vendor: D-Link
Status: Dir-601 Firmware
Vendor: CVE Published:; 30 March 2018

What is CVE-2018-5708?

A vulnerability exists in D-Link DIR-601 B1 devices where an unauthenticated user on the same local network can exploit the admin panel. By accessing the configuration file restore_default, the user can retrieve sensitive information, including the admin username and cleartext password, presented in XML format. This flaw poses a significant security risk, allowing unauthorized access to critical device settings.