Weak Cipher Vulnerability in D-Link Wireless Access Points
CVE-2019-14332

7.8HIGH

Key Information:

Vendor

D-Link
Status
6600-ap Firmware
Vendor
CVE Published:
1 August 2019

What is CVE-2019-14332?

A vulnerability has been identified in specific D-Link wireless access points where weak ciphers, such as diffie-hellman-group1-sha1, are utilized for SSH connections. This issue may expose devices to potential security risks, allowing for unauthorized access and information disclosure. Users are advised to implement immediate security measures, including updating firmware and enhancing cryptographic strength to safeguard their networks.

References

https://us.dlink.com/en/security-advisory
x_refsource_MISC
https://www.dlink.com/en/security-bulletin
x_refsource_MISC
http://packetstormsecurity.com/files/153840/D-Link-6600-A...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.