CVE-2026-4377

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it

Published: 2026-05-28 · Last updated: 2026-05-28

Severity and scoring

CWE: CWE-1391

Description

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-4377
[Other]https://cert.pl/posts/2026/05/CVE-2026-4377
[Other]https://www.dlink.com/pl/pl/products/dwr-1820-cp#support

Related CVEs

Same CWE

CVE-2026-47325 — ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the...
CVE-2026-35089 — In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obt...