Vulnerabilities > CVE-2018-10968 - Insecure Default Initialization of Resource vulnerability in D-Link Dir-550A Firmware and Dir-604M Firmware

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
d-link
CWE-1188
critical

Summary

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability.

Vulnerable Configurations

Part Description Count
OS
D-Link
2
Hardware
Dlink
2