CVE-2020-29322

The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dir-880l_firmware:1.07:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:23

Type Values Removed Values Added
References () https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html - Exploit, Third Party Advisory () https://cybersecurityworks.com/zerodays/cve-2020-29322-telnet-hardcoded-credentials.html - Exploit, Third Party Advisory

Information

Published : 2021-06-04 20:15

Updated : 2024-11-21 05:23


NVD link : CVE-2020-29322

Mitre link : CVE-2020-29322

CVE.ORG link : CVE-2020-29322


JSON object : View

Products Affected

dlink

  • dir-880l_firmware
  • dir-880l
CWE
CWE-522

Insufficiently Protected Credentials

CWE-798

Use of Hard-coded Credentials