← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-25506 — Actively Exploited: DNS-320 Device (D-Link)

D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.

CVE IDCVE-2020-25506
VendorD-Link
ProductDNS-320 Device
Vulnerability nameD-Link DNS-320 Device Command Injection Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionD-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →