Dsl2888a Firmware@* Security Vulnerabilities and Issues — Dsl2888a Firmware@* CVE List

Lucene search

DlinkDsl2888a Firmware*

4 matches found

CVE•added 2020/12/22 7:15 p.m.•59 views

CVE-2020-24579

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.

8.8CVSS8.8AI score0.87787EPSS

CVE•added 2020/12/22 7:15 p.m.•40 views

CVE-2020-24578

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files (such as the password hash file).

6.5CVSS7AI score0.1984EPSS

CVE•added 2020/12/22 7:15 p.m.•40 views

CVE-2020-24580

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user.

7.5CVSS7.8AI score0.00097EPSS

CVE•added 2020/12/22 7:15 p.m.•35 views

CVE-2020-24581

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It contains an execute_cmd.cgi feature (that is not reachable via the web user interface) that lets an authenticated user execute Operating System commands.

8CVSS8AI score0.872EPSS