← back
CVE-2018-8898

CVE-2018-8898

EPSS 13.3%
A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/147708/D-Link-DSL-3782-Authentication-Bypass.htmlunverifiedcve_referencewww.exploit-db.com/exploits/44657/unverifiedexploitdbwww.exploit-db.com/exploits/44657unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/147708/D-Link-DSL-3782-Authentication-Bypass.htmlhttps://www.exploit-db.com/exploits/44657/