CVE-2018-12103

moderate-risk

Published 2018-07-05

An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 and earlier, DIR-885L/R with firmware 1.21B03beta01 and earlier, and DIR-895L/R with firmware 1.21B04beta04 and earlier devices (all hardware revisions). Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point.

Do I need to act?

0.09% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

ADJACENT_NETWORK / LOW complexity

Affected Products (3)

Dir-890L Firmware

Dir-885L\/R Firmware

Dir-895L\/R Firmware

Affected Vendors

D-Link Dlink

References (4)

Mailing List http://seclists.org/fulldisclosure/2018/Jul/13

Vendor Advisory https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10099

Mailing List http://seclists.org/fulldisclosure/2018/Jul/13

Vendor Advisory https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10099

/ 100

moderate-risk

Severity 21/34 · High

Exploitability 0/34 · Minimal

Exposure 9/34 · Low