← back
CVE-2018-5708

CVE-2018-5708

EPSS 6.3%
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44388/unverifiedexploitdbwww.exploit-db.com/exploits/44388unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/Mar/66https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10111https://www.exploit-db.com/exploits/44388/