Headline
CVE-2018-20432: COVR 3902 1.01B0 Hardcoded Credentials ≈ Packet Storm
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.
*Title*: Telnet Hardcoded Credentials*Summary*: The latest versions of the firmware have hardcoded defaultcredentials that can be exploited by an unauthenticated attacker to gainprivileged access to the firmware and to extract sensitive data*Affected Firmware:* COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0*CVE:* CVE-2018-20432*Proof of Concept: *Step 1: “cat ./etc/init0.d/S80telnetd.sh” to get a usernameStep 2: “cat ./etc/config/image_sign” to get a password.Username: AlphanetworksPassword: wrgac61_dlink.2015_dir883----------Cheers !!!Team CSW Research Lab <http://www.cybersecurityworks.com>