The vulnerability of D-Link DAP-2020 and DAP-1360 wireless access points, due to the use of rigidly encrypted login credentials, allows attackers to circumvent security restrictions.

🗓️ 06 Feb 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

D-Link DAP-2020 and DAP-1360 use rigidly encrypted credentials, enabling remote security bypass.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2023-32145	3 May 202402:15	–	attackerkb
CNNVD	D-Link DAP-1360 安全漏洞	3 May 202400:00	–	cnnvd
CNVD	D-Link DAP-1360 Hardcoded Authentication Bypass Vulnerability	12 Jul 202400:00	–	cnvd
CVE	CVE-2023-32145	3 May 202401:56	–	cve
Cvelist	CVE-2023-32145 D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability	3 May 202401:56	–	cvelist
EUVD	EUVD-2023-36413	3 Oct 202520:07	–	euvd
NVD	CVE-2023-32145	3 May 202402:15	–	nvd
OpenVAS	D-Link DAP-1360 Rev. F / DAP-2020 Rev. A2 Devices Multiple Vulnerabilities	12 Aug 202400:00	–	openvas
Positive Technologies	PT-2023-1287 · D Link · D-Link Dap-2020 +1	19 Jan 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-32145 D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability	3 May 202401:56	–	vulnrichment

Vulners

Node

d-link dap-2020Range≤1.03b01

OR

d-link dap-1360Range≤6.14b01

Source	Link
eu	www.eu.dlink.com/uk/en/support/support-news/2023/january/19/dap-1360-dap-2020-multiple-vulnerabilities-by-zdi
zerodayinitiative	www.zerodayinitiative.com/advisories/upcoming/
web	www.web.nvd.nist.gov/view/vuln/detail

12 May 2023 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 28.3

CVSS 38.8

EPSS0.003

D Link devices Wireless access points Encrypted credentials Remote bypass