Lucene search
HistoryOct 19, 2022 - 5:15 a.m.
CVE-2016-20017
d-link
dsl-2750b
remote command injection
cve-2016-20017
nvd
security vulnerability
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 High
AI Score
Confidence
High
0.014 Low
EPSS
Percentile
86.5%
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.
Affected configurations
Node
dlinkdsl-2750b_firmwareRange<1.05
dlinkdsl-2750bMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| dlink:dsl-2750b_firmware | dlink dsl-2750b firmware | lt | 1.05 |
References
Social References
More
Related
prion
prion
Command injection
2022-10-19 05:15:00
openvas
openvas
D-Link DSL Devices 'login.cgi' RCE Vulnerability - Active Check
2018-09-04 00:00:00
cisa_kev
cisa_kev
D-Link DSL-2750B Devices Command Injection Vulnerability
2024-01-08 00:00:00
cvelist
cvelist
CVE-2016-20017
2022-10-19 00:00:00
nvd
nvd
CVE-2016-20017
2022-10-19 05:15:08
attackerkb
attackerkb
CVE-2016-20017
2022-10-19 00:00:00
thn
thn
mssecure
mssecure
Microsoft research uncovers new Zerobot capabilities
2022-12-21 20:00:00
mmpc
mmpc
Microsoft research uncovers new Zerobot capabilities
2022-12-21 20:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 High
AI Score
Confidence
High
0.014 Low
EPSS
Percentile
86.5%
Related for CVE-2016-20017