← ExploitWatch
HomeExploited Vulnerabilities

CVE-2016-20017 — Actively Exploited: DSL-2750B Devices (D-Link)

D-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injection via the login.cgi cli parameter.

CVE IDCVE-2016-20017
VendorD-Link
ProductDSL-2750B Devices
Vulnerability nameD-Link DSL-2750B Devices Command Injection Vulnerability
Date added2024-01-08
Remediation due2024-01-29
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionD-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injection via the login.cgi cli parameter.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →