CVE-2020-29557
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
94.7%
An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to achieve pre-authentication remote code execution.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dlink | dir-825 | r1 | cpe:2.3:h:dlink:dir-825:r1:*:*:*:*:*:*:* |
| dlink | dir-825\/a | d1a | cpe:2.3:h:dlink:dir-825\/a:d1a:*:*:*:*:*:*:* |
| dlink | dir-825\/ac | e | cpe:2.3:h:dlink:dir-825\/ac:e:*:*:*:*:*:*:* |
| dlink | dir-825\/ac | e1a | cpe:2.3:h:dlink:dir-825\/ac:e1a:*:*:*:*:*:*:* |
| dlink | dir-825\/acf | f1 | cpe:2.3:h:dlink:dir-825\/acf:f1:*:*:*:*:*:*:* |
| dlink | dir-825\/gf | gf | cpe:2.3:h:dlink:dir-825\/gf:gf:*:*:*:*:*:*:* |
| dlink | dir-825_r1_firmware | * | cpe:2.3:o:dlink:dir-825_r1_firmware:*:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
94.7%