CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2020-25759
https://notcve.org/view.php?id=CVE-2020-25759
An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests. Se detectó un problema en los dispositivos D-Link DSR-250 versión 3.17. Determinada funcionalidad en la interfaz web Unified Services Router podría permitir a un atacante autenticado ejecutar comandos arbitrarios, debido a una falta de comprobación de entradas proporcionadas en peticiones HTTP POST de múltiples partes • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10195 https://www.digitaldefense.com/news/zero-day-vuln-d-link-vpn-routers https://www.dlink.com/en/security-bulletin • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2020-25758
https://notcve.org/view.php?id=CVE-2020-25758
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root. Se detectó un problema en los dispositivos D-Link DSR-250 versión 3.17. Una comprobación insuficiente de checksums del archivo de configuración, podría permitir a un atacante autenticado remoto inyectar entradas crontab arbitrarias en las configuraciones guardadas antes de cargarlas. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10195 https://www.digitaldefense.com/news/zero-day-vuln-d-link-vpn-routers https://www.dlink.com/en/security-bulletin • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-25757
https://notcve.org/view.php?id=CVE-2020-25757
A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This affects DSR-150, DSR-250, DSR-500, and DSR-1000AC with firmware 3.14 and 3.17. Una falta de comprobación de entrada y controles de acceso en Lua CGI en enrutadores D-Link DSR VPN, puede resultar en una entrada arbitraria que es pasada a las API de comando del sistema, resultando en una ejecución de comandos arbitrarios con privilegios root. Esto afecta a DSR-150, DSR-250, DSR-500 y DSR-1000AC con versiones de firmware 3.14 y 3.17 • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10195 https://www.digitaldefense.com/news/zero-day-vuln-d-link-vpn-routers https://www.dlink.com/en/security-bulletin • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 10%CPEs: 2EXPL: 4CVE-2020-26567 – D-Link DSR-250N 3.12 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2020-26567
An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes. Se detectó un problema en los dispositivos D-Link DSR-250N versiones anteriores a 3.17B. Se puede acceder al script CGI upgradeStatusReboot.cgi sin autenticación. • https://www.exploit-db.com/exploits/48863 http://packetstormsecurity.com/files/159516/D-Link-DSR-250N-Denial-Of-Service.html http://seclists.org/fulldisclosure/2020/Oct/14 https://www.redteam-pentesting.de/advisories/rt-sa-2020-002 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 2CVE-2012-6614
https://notcve.org/view.php?id=CVE-2012-6614
D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. Los dispositivos D-Link DSR-250N versiones anteriores a 1.08B31, permite a usuarios autenticados remotos obtener "persistent root access" por medio de la CLI de BusyBox, como es demostrado al sobrescribir la contraseña de super usuario. • ftp://ftp2.dlink.com/PRODUCTS/DSR-250N/REVA/DSR-SERIES_RELEASE_NOTES_v3.14.pdf http://www.exploit-db.com/exploits/22930 https://packetstormsecurity.com/files/118355/D-Link-DSR-250N-Backdoor.html • CWE-862: Missing Authorization •