Vulnerability Description
An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| D-Link | Dir-809 A1 Firmware | <= 1.09 |
| D-Link | Dir-809 A2 Firmware | <= 1.11 |
| D-Link | Dir-809 Guestzone Firmware | <= 1.09 |
| Dlink | Dir-809 | All versions |
Related Weaknesses (CWE)
References
- https://blog.nivel4.com/investigaciones/nuevas-vulnerabilidades-en-router-d-linkThird Party Advisory
- https://blog.nivel4.com/investigaciones/nuevas-vulnerabilidades-en-router-d-linkThird Party Advisory
FAQ
What is CVE-2018-14081?
CVE-2018-14081 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext.
How severe is CVE-2018-14081?
CVE-2018-14081 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-14081?
Check the references section above for vendor advisories and patch information. Affected products include: D-Link Dir-809 A1 Firmware, D-Link Dir-809 A2 Firmware, D-Link Dir-809 Guestzone Firmware, Dlink Dir-809.