CVE-2026-4377
Awaiting Analysis - Queue
Weak Default Password in D-Link DWR-X1820 Router

Publication date: 2026-05-28

Last updated on: 2026-05-28

Assigner: CERT.PL

Description
The D-Link DWR-X1820 router uses a weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP.

Meta Information
Published: 2026-05-28
Last Modified: 2026-05-28
Generated: 2026-06-17
AI Q&A: 2026-05-28
EPSS Evaluated: 2026-06-16
Affected Vendors & Products
Showing 1 associated CPE
Vendor: dlink
Product: dwr-x1820
Version / Range: 1.00b16cp
CWE
CWE-1391: The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
Executive Summary

The vulnerability in the D-Link DWR-X1820 router arises because it uses a weak default password that is generated from the device's IMEI number. Users are not required to change this default password. An attacker who knows how these passwords are generated and has access to the device's IMEI number can easily guess or crack the default password.

Impact Analysis

This vulnerability can allow an attacker to gain unauthorized access to the router by guessing the default password if they know the device's IMEI number. Such unauthorized access could lead to compromise of the network connected to the router, potentially exposing sensitive data or allowing further attacks within the network.

Detection Guidance

This vulnerability involves the use of a weak default password generated from the device's IMEI number on the D-Link DWR-X1820 router. Detection would involve identifying devices running this router model and checking if the default password is still in use.

Since the password is generated from the IMEI, if you have access to the device IMEI numbers, you can attempt to verify if the default password is active by trying to log in using the known password generation method.

There are no specific commands provided in the available information to detect this vulnerability automatically.

Mitigation Strategies

The vulnerability was fixed in firmware version 1.00B16CP. The immediate mitigation step is to update the router's firmware to this version or later.

Additionally, changing the default password to a strong, unique password that is not derived from the IMEI number will help prevent unauthorized access.

Compliance Impact

The vulnerability in the D-Link DWR-X1820 router involves the use of a weak default password generated from the device's IMEI number, which can be easily cracked by an attacker with knowledge of the IMEI. This weakness can lead to unauthorized access to the device.

Such unauthorized access could potentially compromise the confidentiality and integrity of data transmitted through or stored on the device, which may impact compliance with data protection standards and regulations like GDPR or HIPAA that require adequate security measures to protect personal and sensitive information.

However, the provided information does not explicitly discuss the direct impact on compliance with these standards or any regulatory consequences.
