Threat Advisories - NVD Disclosed February 2, 2021

CVE-2020-25506

D-Link DNS-320 Command Injection Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A command injection vulnerability in D-Link DNS-320 devices allows attackers to execute arbitrary code remotely. This could result in unauthorized control, data compromise, or service disruption, posing a significant business risk.

NVD published: February 2, 2021 • CISA KEV