CVE-2018-6213

In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:d-link:dir-620_firmware:1.0.3:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-620_firmware:1.0.37:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-620_firmware:1.3.1:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-620_firmware:1.3.3:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-620_firmware:1.3.7:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-620_firmware:1.4.0:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-620_firmware:2.0.22:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-620:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-06-20 16:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-6213

Mitre link : CVE-2018-6213

CVE.ORG link : CVE-2018-6213


JSON object : View

Products Affected

d-link

  • dir-620_firmware

dlink

  • dir-620
CWE
CWE-798

Use of Hard-coded Credentials