CVE-2018-14081
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext.
Se ha descubierto un problema en dispositivos D-Link DIR-809 A1 hasta la versión 1.09, A2 hasta la versión 1.11 y Guest Zone hasta la versión 1.09. Las contraseñas del dispositivo, como la contraseña de administrador y la clave WPA, están almacenadas en texto claro.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-07-15 CVE Reserved
- 2018-10-09 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://blog.nivel4.com/investigaciones/nuevas-vulnerabilidades-en-router-d-link-permiten-tomar-control-remoto-del-dispositivo | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| D-link Search vendor "D-link" | Dir-809 A1 Firmware Search vendor "D-link" for product "Dir-809 A1 Firmware" | <= 1.09 Search vendor "D-link" for product "Dir-809 A1 Firmware" and version " <= 1.09" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-809 Search vendor "Dlink" for product "Dir-809" | * | - |
Safe
|
| D-link Search vendor "D-link" | Dir-809 A2 Firmware Search vendor "D-link" for product "Dir-809 A2 Firmware" | <= 1.11 Search vendor "D-link" for product "Dir-809 A2 Firmware" and version " <= 1.11" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-809 Search vendor "Dlink" for product "Dir-809" | * | - |
Safe
|
| D-link Search vendor "D-link" | Dir-809 Guestzone Firmware Search vendor "D-link" for product "Dir-809 Guestzone Firmware" | <= 1.09 Search vendor "D-link" for product "Dir-809 Guestzone Firmware" and version " <= 1.09" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-809 Search vendor "Dlink" for product "Dir-809" | * | - |
Safe
|