Report an incident
Back
  • About us
  • For experts
Report an incident
About us
About our team Contact
Baza wiedzy
Fałszywe inwestycje Uważaj na fałszywe sklepy online (Nie)bezpieczne płatności Fałszywi konsultanci Zadbaj o bezpieczne hasła i logowanie Fałszywe załączniki w mailach Fałszywe prośby o szybki przelew Fałszywe SMSy - plaga ostatnich miesięcy Bezpieczny telefon
Biuletyn OUCH!
Porady bezpieczeństwa OUCH!
Tools
n6 Artemis MWDB
CVD program
CVD policy Advisories

Vulnerability in D-Link DWR-X1820 router
28 May 2026 | CERT Polska | #vulnerability, #warning, #cve
CVE ID CVE-2026-4377
Publication date 28 May 2026
Vendor D-Link Corporation
Product DWR-X1820
Vulnerable versions From 1.00B14CP to 1.00B16CP
Vulnerability type (CWE) Use of Weak Credentials (CWE-1391)
Report source Report to CERT Polska

Description

CERT Polska has received a report about vulnerability in D-Link DWR-X1820 router and participated in coordination of its disclosure.

The vulnerability CVE-2026-4377: Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.

This issue was fixed in version 1.00B16CP.

Credits

We thank Bartłomiej Włodarski for the responsible vulnerability report.

More about the coordinated vulnerability disclosure process at CERT Polska can be found at https://cert.pl/en/cvd/.