A critical vulnerability in Davolink DVW-3200N was disclosed on July 31. CVE-2018-10618 has been assigned to this vulnerability and the CVSS v3 base score is 9.8. This device generates a weak password hash that is easy to crack, allowing a remote attacker to gain access to the device.
Reference: https://ics-cert.us-cert.gov/advisories/ICSA-18-212-01
Affected Versions
DVW-3200N version < 1.00.06
Unaffected Version
DVW-3200N version 1.00.06
Solution
Davolink has produced a new firmware version for the device that can be donloaded from: http://www.davolink.co.kr/sys/bbs/board.php?bo_table=0403&wr_id=50