Sign-up

ID

VAR-202012-0331


CVE

CVE-2020-25757


TITLE

plural  D-Link  In a router made by  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-014726

DESCRIPTION

A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This affects DSR-150, DSR-250, DSR-500, and DSR-1000AC with firmware 3.14 and 3.17. plural D-Link For routers made OS There are command injection vulnerabilities and input verification vulnerabilities.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Trust: 1.62

sources: NVD: CVE-2020-25757 // JVNDB: JVNDB-2020-014726

AFFECTED PRODUCTS

vendor:dlinkmodel:dsr-150nscope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-500acscope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-500nscope:eqversion:*

Trust: 1.0

vendor:dlinkmodel:dsr-1000nscope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-1000acscope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-250nscope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-250scope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-150scope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-500scope:lteversion:3.17

Trust: 1.0

vendor:dlinkmodel:dsr-1000scope:lteversion:3.17

Trust: 1.0

vendor:d linkmodel:dsr-1000scope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-500acscope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-150nscope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-150scope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-1000acscope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-250nscope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-500nscope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-1000nscope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-250scope: - version: -

Trust: 0.8

vendor:d linkmodel:dsr-500scope: - version: -

Trust: 0.8

sources: NVD: CVE-2020-25757 // JVNDB: JVNDB-2020-014726

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2020-25757
value: HIGH

Trust: 1.8

CNNVD: CNNVD-202012-1107
value: HIGH

Trust: 0.6

NVD: CVE-2020-25757
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.8

NVD: CVE-2020-25757
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT_NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-25757
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: NVD: CVE-2020-25757 // CNNVD: CNNVD-202012-1107 // JVNDB: JVNDB-2020-014726

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

problemtype:CWE-78

Trust: 1.0

problemtype:Incorrect input confirmation (CWE-20) [NVD Evaluation ]

Trust: 0.8

problemtype:OS Command injection (CWE-78) [NVD Evaluation ]

Trust: 0.8

sources: NVD: CVE-2020-25757 // JVNDB: JVNDB-2020-014726

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202012-1107

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202012-1107

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2020-25757

PATCH
title:Unauthenticated & Authenticated Command Injection Vulnerabilitiesurl:https://www.dlink.com/en/security-bulletin
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-014726

EXTERNAL IDS
db:NVDid:CVE-2020-25757
Trust: 2.4
db:DLINKid:SAP10195
Trust: 1.6
db:JVNDBid:JVNDB-2020-014726
Trust: 0.8
db:CNNVDid:CNNVD-202012-1107
Trust: 0.6
sources:
            
            
            NVD: CVE-2020-25757 // 
            
            
            
            CNNVD: CNNVD-202012-1107 // 
            
            
            
            JVNDB: JVNDB-2020-014726

REFERENCES
url:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10195
Trust: 1.6
url:https://www.dlink.com/en/security-bulletin
Trust: 1.6
url:https://www.digitaldefense.com/news/zero-day-vuln-d-link-vpn-routers/
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-25757
Trust: 1.4
sources:
            
            
            NVD: CVE-2020-25757 // 
            
            
            
            CNNVD: CNNVD-202012-1107 // 
            
            
            
            JVNDB: JVNDB-2020-014726

SOURCES
db:NVDid:CVE-2020-25757
db:CNNVDid:CNNVD-202012-1107
db:JVNDBid:JVNDB-2020-014726

LAST UPDATE DATE
2021-12-17T04:57:47.164000+00:00

SOURCES UPDATE DATE
db:NVDid:CVE-2020-25757date:2021-07-21T11:39:00
db:CNNVDid:CNNVD-202012-1107date:2020-12-24T00:00:00
db:JVNDBid:JVNDB-2020-014726date:2021-08-27T08:23:00

SOURCES RELEASE DATE
db:NVDid:CVE-2020-25757date:2020-12-15T20:15:00
db:CNNVDid:CNNVD-202012-1107date:2020-12-15T00:00:00
db:JVNDBid:JVNDB-2020-014726date:2021-08-27T00:00:00