PatchSiren

D-Link Corporation CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM D-Link Corporation CVE published 2026-05-28

CVE-2026-4377

CVE-2026-4377 documents a medium-severity weakness in D-Link DWR-X1820 routers where default administrative passwords are deterministically generated from the device's IMEI number. The vulnerability, published 2026-05-28, enables attackers with knowledge of the generation algorithm and physical access to the device (or its IMEI) to derive credentials without brute-force effort. No CISA KEV listing or know [truncated]