CVE-2020-29322

CWE-522Insufficiently Protected CredentialsCWE-798Hard-coded Credentials3 documents3 sources
Severity
7.5HIGH
EPSS
0.6%
top 30.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dir-880l Firmware
Timeline
PublishedJun 4
Latest updateMay 24

Description

The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5d-link_router_dir-880l1.07

🔴Vulnerability Details

2
GHSA
GHSA-9v84-5wgx-22rg: The D-Link router DIR-880L 12022-05-24
CVEList
CVE-2020-29322: The D-Link router DIR-880L 12021-06-04
CVE-2020-29322 (HIGH CVSS 7.5) | The D-Link router DIR-880L 1.07 is | cvebase.io