CVE-2018-20675

EPSS 0.42%
Veröffentlicht 09.01.2019 00:29:00
Zuletzt bearbeitet 21.11.2024 04:01:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dlink ≫ Dir-822 Firmware Version <= 3.10b06

Dlink ≫ Dir-822 Version-

Dlink ≫ Dir-822-us Firmware Version <= 3.10b06

Dlink ≫ Dir-822-us Version-

Dlink ≫ Dir-850l Firmware Version <= 1.21b07

Dlink ≫ Dir-850l Version-

Dlink ≫ Dir-850l Firmware Version <= 2.21b01

Dlink ≫ Dir-850l Version-

Dlink ≫ Dir-850l Firmware Version2.22b02 Updatebeta

Dlink ≫ Dir-850l Version-

Dlink ≫ Dir-880l Firmware Version <= 1.07.b08

Dlink ≫ Dir-880l Version-

Dlink ≫ Dir-880l Firmware Version1.20b01 Updatebeta

Dlink ≫ Dir-880l Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.42%	0.591

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-20675

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-20675

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-20675

EUVD