CVE-2019-18852

CRITICAL Year: 2019
CVSS v3 Score
9.8
Critical
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-319
View all →

Vulnerability Description

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00.

Related Vulnerabilities

CVE-2016-5649

CRITICAL
CVSS:9.8(Critical)

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access...

CWE-3192016

CVE-2017-15999

CRITICAL
CVSS:9.8(Critical)

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an...

CWE-3192017

CVE-2018-11421

CRITICAL
CVSS:9.8(Critical)

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All infor...

CWE-3192018

CVE-2018-11422

CRITICAL
CVSS:9.8(Critical)

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All in...

CWE-3192018

CVE-2018-11749

CRITICAL
CVSS:9.8(Critical)

When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are sent via plaintext to the LDAP server. This affects Puppet Enterprise 2018.1.3, 2017.3.9, and 2016.4...

CWE-3192018

CVE-2018-1297

CRITICAL
CVSS:9.8(Critical)

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.

CWE-3192018