CVE-2020-25368
published 2021-11-04CVE-2020-25368: A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dlink | dir-823g_firmware | — | — |