{"id":"CVE-2020-25079","details":"An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection.","modified":"2026-03-14T10:22:17.102301Z","published":"2020-09-02T16:15:12.690Z","references":[{"type":"WEB","url":"https://support.dlink.com/productinfo.aspx?m=DCS-2530L"},{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-25079"},{"type":"FIX","url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180"},{"type":"EVIDENCE","url":"https://twitter.com/Dogonsecurity/status/1271265152118259712"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25079.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"1.03.04"}]},{"events":[{"introduced":"0"},{"fixed":"1.03.02"}]},{"events":[{"introduced":"0"},{"fixed":"2.01.01"}]},{"events":[{"introduced":"0"},{"fixed":"1.04.02"}]},{"events":[{"introduced":"0"},{"fixed":"2.01.10"}]},{"events":[{"introduced":"0"},{"fixed":"2.03.01"}]},{"events":[{"introduced":"0"},{"last_affected":"1.05.05"}]},{"events":[{"introduced":"0"},{"fixed":"2.03.00"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}