Vulnerability CVE-2020-26567


Published: 2020-10-08

Description:
An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
D-Link DSR-250N 3.12 Denial of Service (PoC)
RedTeam Pentesti...
09.10.2020

 References:
http://seclists.org/fulldisclosure/2020/Oct/14
https://www.redteam-pentesting.de/advisories/rt-sa-2020-002

Copyright 2024, cxsecurity.com

 

Back to Top