Back to KEVs

CVE-2020-25079

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated...

Basic Information

CVE State
PUBLISHED
Reserved Date
September 02, 2020
Published Date
September 02, 2020
Last Updated
October 21, 2025
Vendor
n/a
Product
n/a
Description
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection.
Tags
cisa nessus_scanner

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

9.0

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2026-06-01 10:38:24 UTC) Source

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180 https://twitter.com/Dogonsecurity/status/1271265152118259712

Known Exploited Vulnerability Information

Source Added Date
CVE 2026-06-01 10:38:24 UTC

Scanner Integrations

Scanner URL Date Detected
Nessus https://www.tenable.com/plugins/nessus/316488 2026-05-23 16:40:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Nessus

  • Added to KEVIntel