CVE-2020-13785

Vulnerability

The D-Link DIR-865L router, hardware revision Ax, running firmware version 1.20B01 Beta (released August 9, 2018), suffers from inadequate encryption strength [1][2]. The vulnerability resides in the router's implementation of cryptographic protections, which fail to meet minimum security standards. The product reached its End of Support/End of Life on February 1, 2016, and the vulnerable firmware is a beta release provided after that date [2].

Exploitation

An attacker with adjacent network access to the router can exploit the weak encryption to sniff traffic and potentially decrypt sensitive information [1]. The exact attack vector is not detailed in available references, but inadequate encryption strength typically allows attackers to recover plaintext from captured encrypted communications without needing authentication or user interaction [1].

Impact

Successful exploitation leads to the disclosure of sensitive information transmitted to or from the router, including session cookies and other confidential data [1]. This information disclosure can be chained with other vulnerabilities (e.g., command injection CVE-2020-13782 or CSRF CVE-2020-13786) to gain administrative access or execute arbitrary commands [1].

Mitigation

D-Link has released a beta patch, but the DIR-865L hardware revision Ax reached its End of Support/End of Life on February 1, 2016; no further firmware updates are planned [2]. Users are strongly recommended to replace the device with a supported model [1][2]. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.