*Title*: Telnet Hardcoded Credentials  
*Summary*: The latest versions of the firmware have hardcoded default  
credentials that can be exploited by an unauthenticated attacker to gain  
privileged access to the firmware and to extract sensitive data  
*Affected Firmware:* COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0  
*CVE:* CVE-2018-20432  
*Proof of Concept: *  
Step 1: “cat ./etc/init0.d/” to get a username  
Step 2: “cat ./etc/config/image_sign” to get a password.  
Username: Alphanetworks  
Password: wrgac61_dlink.2015_dir883  
Cheers !!!  
Team CSW Research Lab <>