CVE-2020-25079

CVSS v2.0

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions D-Link DCS-2530L versions prior to 1.06.01 Hotfix D-Link DCS-2670L versions through 2.02

Description An issue exists in the

cgi-bin/ddns enc.cgi

file on D-Link DCS-2530L and DCS-2670L devices that allows authenticated command injection.

Recommendations D-Link DCS-2530L versions prior to 1.06.01 Hotfix: Update to version 1.06.01 Hotfix or later. D-Link DCS-2670L versions through 2.02: Update to a version later than 2.02.

Exploit

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2020-25079

Affected Products

D-Link Dcs-2530L

D-Link Dcs-2670L

CVE-2020-25079

Weakness Enumeration

Related Identifiers

Affected Products

References · 11