CVSS: 9.8EPSS: 97%CPEs: 2EXPL: 1CVE-2020-25506 – D-Link DNS-320 Device Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-25506
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. D-Link DNS-320 FW versión v2.06B01 Revisión Ax, está afectado por una inyección de comandos en el componente system_mgr.cgi, que puede conllevar a una ejecución de código arbitraria remota D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution. • https://gist.github.com/WinMin/6f63fd1ae95977e0e2d49bd4b5f00675 https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10183 https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •