CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://github.com/kuc001/IoTFirmware/blob/master/D-Link/vulnerability4.md
https://github.com/kuc001/IoTFirmware/blob/master/D-Link/vulnerability4.md

Products affected by CVE-2020-10214

Dlink » Dir-825 » Version: N/A

cpe:2.3:h:dlink:dir-825:-
Dlink » Dir-825 Firmware » Version: 2.10

cpe:2.3:o:dlink:dir-825_firmware:2.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10214

Products

Pricing

Contact Us