CVE-2026-4377
Weak Default Password in D-Link DWR-X1820 Router
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: CERT.PL
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | dwr-x1820 | 1.00b16cp |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1391 | The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the D-Link DWR-X1820 router arises because it uses a weak default password that is generated from the device's IMEI number. Users are not required to change this default password. An attacker who knows how these passwords are generated and has access to the device's IMEI number can easily guess or crack the default password.
How can this vulnerability impact me?
This vulnerability can allow an attacker to gain unauthorized access to the router by guessing the default password if they know the device's IMEI number. Such unauthorized access could lead to compromise of the network connected to the router, potentially exposing sensitive data or allowing further attacks within the network.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the use of a weak default password generated from the device's IMEI number on the D-Link DWR-X1820 router. Detection would involve identifying devices running this router model and checking if the default password is still in use.
Since the password is generated from the IMEI, if you have access to the device IMEI numbers, you can attempt to verify if the default password is active by trying to log in using the known password generation method.
There are no specific commands provided in the available information to detect this vulnerability automatically.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability was fixed in firmware version 1.00B16CP. The immediate mitigation step is to update the router's firmware to this version or later.
Additionally, changing the default password to a strong, unique password that is not derived from the IMEI number will help prevent unauthorized access.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in the D-Link DWR-X1820 router involves the use of a weak default password generated from the device's IMEI number, which can be easily cracked by an attacker with knowledge of the IMEI. This weakness can lead to unauthorized access to the device.
Such unauthorized access could potentially compromise the confidentiality and integrity of data transmitted through or stored on the device, which may impact compliance with data protection standards and regulations like GDPR or HIPAA that require adequate security measures to protect personal and sensitive information.
However, the provided information does not explicitly discuss the direct impact on compliance with these standards or any regulatory consequences.