CVE-2020-25079
published 2020-09-02CVE-2020-25079: An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
KEV
CISA Known Exploited Vulnerabilitydue 2025-08-26
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dlink | dcs-2530l_firmware | <= 1.05.05 | — |
| dlink | dcs-2670l_firmware | < 2.03.00 | 2.03.00 |
| dlink | dcs-4603_firmware | < 1.04.02 | 1.04.02 |
| dlink | dcs-4622_firmware | < 2.01.10 | 2.01.10 |
| dlink | dcs-4701e_firmware | < 2.03.01 | 2.03.01 |
| dlink | dcs-4703e_firmware | < 1.03.04 | 1.03.04 |
| dlink | dcs-4705e_firmware | < 1.03.02 | 1.03.02 |
| dlink | dcs-4802e_firmware | < 2.01.01 | 2.01.01 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck8.8HIGH
cisa8.8HIGH