⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2020-25506

CWE-78OS Command InjectionCWE-77Command Injection9 documents8 sources
Severity
9.8CRITICAL
EPSS
94.3%
top 0.06%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Dlink Dns-320 Firmware
Timeline
PublishedFeb 2
KEV addedNov 3
KEV dueMay 3
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-vfrw-4wr4-4c85: D-Link DNS-320 FW v22022-05-24
CVEList
CVE-2020-25506: D-Link DNS-320 FW v22021-02-02
VulnCheck
D-Link DNS-320 Device Command Injection Vulnerability2020

💥Exploits & PoCs

1
Nuclei
D-Link DNS-320 - Unauthenticated Remote Code Execution

📋Vendor Advisories

1
CISA
D-Link DNS-320 Device Command Injection Vulnerability2021-11-03

🕵️Threat Intelligence

2
Unit42
New Mirai Variant Targeting Network Security Devices2021-03-16
Unit42
New Mirai Variant Targeting Network Security Devices2021-03-16
CVE-2020-25506 (CRITICAL CVSS 9.8) | D-Link DNS-320 FW v2.06B01 Revision | cvebase.io