NVD disclosure day

Published threat advisories for September 2, 2020

CVE-2020-25079

D-Link Camera Command Injection Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Certain D-Link devices have a command injection vulnerability, potentially allowing unauthorized command execution. This presents a risk of compromised systems and data. The exploitability of this issue is confirmed and it is listed in the KEV catalog.

NVD published: September 2, 2020 • CISA KEV

CVE advisoryKnown Exploit

CVE-2020-25078

D-Link Camera Password Disclosure Risk

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

D-Link DCS-2530L and DCS-2670L devices have a vulnerability allowing remote administrator password disclosure. This poses a business risk by potentially enabling unauthorized access to device configurations and impacting data confidentiality.

NVD published: September 2, 2020 • CISA KEV