Lucene search

K
cve[email protected]CVE-2020-29321
HistoryJun 04, 2021 - 8:15 p.m.

CVE-2020-29321

2021-06-0420:15:07
CWE-798
CWE-522
web.nvd.nist.gov
48
4
cve-2020-29321
d-link router
dir-868l
credentials disclosure
telnet service
vulnerability
firmware
security
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.3%

The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.

Affected configurations

NVD
Node
dlinkdir-868lMatch-
AND
dlinkdir-868l_firmwareMatch3.01

CNA Affected

[
  {
    "product": "D-Link Router DIR-868L",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "3.01"
      }
    ]
  }
]

Social References

More

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.3%

Related for CVE-2020-29321