PT-2020-15933 · D Link · D-Link Dcs-2530L+1
Published
2020-06-11
·
Updated
2025-11-07
·
CVE-2020-25079
CVSS v2.0
9.0
High
| AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
D-Link DCS-2530L versions prior to 1.06.01 Hotfix
D-Link DCS-2670L versions through 2.02
Description
An issue exists in the
cgi-bin/ddns enc.cgi file on D-Link DCS-2530L and DCS-2670L devices that allows authenticated command injection.Recommendations
D-Link DCS-2530L versions prior to 1.06.01 Hotfix: Update to version 1.06.01 Hotfix or later.
D-Link DCS-2670L versions through 2.02: Update to a version later than 2.02.
Exploit
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dcs-2530L
D-Link Dcs-2670L