Vulnerability Details CVE-2020-29557
An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to achieve pre-authentication remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.919
EPSS Ranking 99.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.
Ransomware Campaign
Unknown
References
Products affected by CVE-2020-29557
-
cpe:2.3:h:dlink:dir-825/a:d1a
-
cpe:2.3:h:dlink:dir-825/ac:e
-
cpe:2.3:h:dlink:dir-825/ac:e1a
-
cpe:2.3:h:dlink:dir-825/acf:f1
-
cpe:2.3:h:dlink:dir-825/gf:gf
-
cpe:2.3:h:dlink:dir-825:r1
-
cpe:2.3:o:dlink:dir-825_r1_firmware:3.0.1