Dlink Dcs-2530L Firmware vulnerabilities
3 known vulnerabilities affecting dlink/dcs-2530l_firmware.
Total CVEs
3
CISA KEV
2
actively exploited
Public exploits
2
Exploited in wild
1
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2020-25078HIGHCVSS 7.5KEVPoC≤ 1.05.052020-09-02
CVE-2020-25078 [HIGH] CVE-2020-25078: An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.
nvd
CVE-2020-25079HIGHCVSS 8.8KEV≤ 1.05.052020-09-02
CVE-2020-25079 [HIGH] CWE-77 CVE-2020-25079: An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection.
nvd
CVE-2017-7852HIGHCVSS 8.8PoC≤ 1.00.212017-04-24
CVE-2017-7852 [HIGH] CWE-352 CVE-2017-7852: D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Fla
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malici
nvd