CVE-2020-29323
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
El router D-link DIR-885L-MFC versiones 1.15b02, v1.21b05 es vulnerable a una divulgación de credenciales en el servicio telnet a través de la descompilación del firmware, lo que permite a un atacante no autenticado conseguir acceso al firmware y extraer datos confidenciales
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-27 CVE Reserved
- 2021-06-04 CVE Published
- 2024-04-26 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-522: Insufficiently Protected Credentials
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cybersecurityworks.com/zerodays/cve-2020-29323-telnet-hardcoded-credentials.html | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dlink Search vendor "Dlink" | Dir-885l-mfc Firmware Search vendor "Dlink" for product "Dir-885l-mfc Firmware" | 1.15b02 Search vendor "Dlink" for product "Dir-885l-mfc Firmware" and version "1.15b02" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-885l-mfc Search vendor "Dlink" for product "Dir-885l-mfc" | - | - |
Safe
|
| Dlink Search vendor "Dlink" | Dir-885l-mfc Firmware Search vendor "Dlink" for product "Dir-885l-mfc Firmware" | 1.21b05 Search vendor "Dlink" for product "Dir-885l-mfc Firmware" and version "1.21b05" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-885l-mfc Search vendor "Dlink" for product "Dir-885l-mfc" | - | - |
Safe
|