{"id":"CVE-2020-25506","details":"D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.","modified":"2026-03-14T10:06:53.441847Z","published":"2021-02-02T13:15:12.570Z","references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-25506"},{"type":"ADVISORY","url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10183"},{"type":"ADVISORY","url":"https://www.dlink.com/en/security-bulletin/"},{"type":"EVIDENCE","url":"https://gist.github.com/WinMin/6f63fd1ae95977e0e2d49bd4b5f00675"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.06b01"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25506.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}