Use of Weak Credentials in D-Link DWR-X1820 router_CVE-2026-4377

6 / 10

MEDIUM

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.

This issue was fixed in version 1.00B16CP.

Basic Information

ID CVE-2026-4377

Source CERT-PL

Published May 28, 2026 at 09:02

Affected Product

Vendor D-Link Corporation

Product DWR-X1820

Version 1.00B14CP

Affected Versions D-Link Corporation DWR-X1820 1.00B14CP

CWE Classification

CWE-1391

References

{
    "lastseen": "",
    "description": "Dlink\u00a0DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.\n\nThis issue was fixed in version\u00a01.00B16CP.",
    "published": "2026-05-28T09:02:44.579Z",
    "modified": "2026-05-28T09:02:44.579Z",
    "type": "cve",
    "title": "Use of Weak Credentials in D-Link DWR-X1820 router",
    "source": "CERT-PL",
    "references": "https://cert.pl/posts/2026/05/CVE-2026-4377\nhttps://www.dlink.com/pl/pl/products/dwr-1820-cp#support",
    "id": "CVE-2026-4377",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1391"
    ],
    "cvelist": null,
    "sourceData": "D-Link Corporation DWR-X1820 1.00B14CP",
    "sourceHref": "",
    "cvss": {
        "score": 6,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DWR-X1820",
    "version": "1.00B14CP",
    "vendor": "D-Link Corporation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}