CVE-2019-18852

CRITICAL

D-Link devices - Info Disclosure

Title source: llm

Description

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00.

References (1)

[Exploit, Third Party Advisory] https://github.com/ChandlerChin/Dlink_vuls/blob/master/A%20hard%20coded%20telnet%20user%20was%20discovered%20in%20multiple%20Dlink%20routers.pdf

View Exploit ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.0050

EPSS Percentile 65.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-319

Status published

Affected Products (7)

dlink/dir-600_b1_firmware

dlink/dir-615_j1_firmware

dlink/dir-645_a1_firmware

dlink/dir-815_a1_firmware

dlink/dir-823_a1_firmware

dlink/dir-842_c1_firmware

dlink/dir-890l_a1_firmware

Timeline

Published Nov 11, 2019

Tracked Since Feb 18, 2026