exploitDog

CVE-2020-29324

Опубликовано: 04 июн. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.

Ссылки

https://cybersecurityworks.com/zerodays/cve-2020-29324-d-link-router-dir-895l-mfc-telnet-hardcoded-credentials.html
Exploit
Third Party Advisory
https://cybersecurityworks.com/zerodays/cve-2020-29324-d-link-router-dir-895l-mfc-telnet-hardcoded-credentials.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dir-895l_mfc_firmware:1.21b05:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-895l_mfc:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00507

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-rr34-2qgv-579h

github

больше 3 лет назад

The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.

EPSS

Процентиль: 66%

0.00507

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-312