🔐 CVE Alert

CVE-2026-4377

UNKNOWN 0.0

Use of Weak Credentials in D-Link DWR-X1820 router

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP.

CWE CWE-1391
Vendor d-link corporation
Product dwr-x1820
Published May 28, 2026
Last Updated May 28, 2026
Stay Ahead of the Next One

Get instant alerts for d-link corporation dwr-x1820

Be the first to know when new unknown vulnerabilities affecting d-link corporation dwr-x1820 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

D-Link Corporation / DWR-X1820
1.00B14CP < 1.00B16CP

References

NVD ↗ CVE.org ↗ EPSS Data ↗
cert.pl: https://cert.pl/posts/2026/05/CVE-2026-4377 dlink.com: https://www.dlink.com/pl/pl/products/dwr-1820-cp#support

Credits

Bartłomiej Włodarski