{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73730?format=json","vulnerability_id":"VCID-v5m2-qyg5-27b1","summary":"Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.\n\nThis issue was fixed in version 1.00B16CP.","aliases":[{"alias":"CVE-2026-4377"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4377","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05847","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4377"},{"reference_url":"https://cert.pl/posts/2026/05/CVE-2026-4377","reference_id":"CVE-2026-4377","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T12:01:49Z/"}],"url":"https://cert.pl/posts/2026/05/CVE-2026-4377"},{"reference_url":"https://www.dlink.com/pl/pl/products/dwr-1820-cp#support","reference_id":"dwr-1820-cp#support","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T12:01:49Z/"}],"url":"https://www.dlink.com/pl/pl/products/dwr-1820-cp#support"}],"weaknesses":[{"cwe_id":1391,"name":"Use of Weak Credentials","description":"The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker."}],"exploits":[],"severity_range_score":"6.0 - 6.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v5m2-qyg5-27b1"}