Skip to main content
CVE-2019-18852 CRITICAL POC Act Now

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 600 B1 Firmware Dir 615 J1 Firmware Dir 645 A1 Firmware +4
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy