Hardcoded User Account Vulnerability in D-Link Routers
CVE-2019-18852
9.8CRITICAL
What is CVE-2019-18852?
Certain D-Link router models contain a hardcoded Alphanetworks user account that allows TELNET access, exposing the devices to serious security risks. This vulnerability occurs due to the presence of hardcoded credentials in configuration files, specifically /etc/config/image_sign or /etc/alpha_config/image_sign. Users of affected products should assess their network's security posture and consider updating their devices to mitigate potential exploitation.