PT-2020-15932 · D Link · D-Link Dcs-2530L+1
Fenix · Published 2020-06-11 · Updated 2025-11-07 · CVE-2020-25078
CVSS v2.0: 7.8 High (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Name of the Vulnerable Software and Affected Versions
D-Link DCS-2530L versions prior to 1.06.01 Hotfix
D-Link DCS-2670L versions through 2.02
Description
An issue exists on D-Link DCS-2530L and DCS-2670L devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. This vulnerability is actively exploited in the wild, as confirmed by CISA's Known Exploited Vulnerabilities (KEV) catalog. The HiatusRAT actors are targeting web cameras and DVRs, including those affected by this vulnerability.
Recommendations
Update D-Link DCS-2530L to version 1.06.01 Hotfix or later.
Update D-Link DCS-2670L to a version after 2.02.
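To check whether the /config/getuser endpoint named in the description has been requested, access logs from a proxy or gateway in front of the cameras can be scanned. The following is an added example, not part of the original advisory or of any vendor tooling. The Combined Log Format layout, the management subnet 10.20.0.0/24 and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Combined Log Format: client, timestamp, request line, status (assumed log layout).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)
VULN_PATH = "/config/getuser"  # endpoint named in the advisory
# Assumption: cameras are only ever managed from this subnet.
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")


def find_getuser_hits(lines):
    """Return one dict per logged request whose path is the vulnerable endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        # Compare the path only: drop any query string, trailing slash and case.
        path = m["target"].split("?", 1)[0].rstrip("/").lower()
        if path != VULN_PATH:
            continue
        try:
            external = ipaddress.ip_address(m["src"]) not in MGMT_NET
        except ValueError:
            external = True  # hostname in the log: cannot prove it is internal
        status = int(m["status"])
        hits.append({
            "src": m["src"],
            "time": m["ts"],
            "status": status,
            "external": external,
            # A 2xx answer means the request was served: treat the password as disclosed.
            "answered": 200 <= status < 300,
        })
    return hits


# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '198.51.100.23 - - [07/Nov/2025:03:14:07 +0000] "GET /config/getuser HTTP/1.1" 200 112 "-" "-"',
    '10.20.0.5 - - [07/Nov/2025:08:00:12 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "-"',
    '203.0.113.9 - - [07/Nov/2025:09:41:55 +0000] "GET /config/getuser HTTP/1.1" 401 0 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_getuser_hits(SAMPLE):
        print(hit)
```

Any hit with "answered" set is a reason to rotate the camera's administrator password after updating the firmware.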
Exploit
Fix
Information Disclosure
Affected Products
D-Link Dcs-2530L
D-Link Dcs-2670L