CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6765

D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd. The CLI is reachable by TELNET.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.1%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10165
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10165

Products affected by CVE-2020-6765

Dlink » Dsl-Gs225 » Version: j1

cpe:2.3:h:dlink:dsl-gs225:j1
Dlink » Dsl-Gs225 Firmware » Version: au_1.0.4

cpe:2.3:o:dlink:dsl-gs225_firmware:au_1.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6765

Products

Pricing

Contact Us