On July 31, the Davolink DVW-3200N router was exposed to a high-risk vulnerability (CVE-2018-10618). The router generates weak passwords that are easily cracked, allowing remote attackers to obtain the device’s password.
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
Note: The expert published the exploit code on exploit-db.
- DVW-3200N version < 1.00.06
- DVW-3200N version 1.00.06
Davolink officially provides a new firmware version for the device, which can be downloaded from this link.