The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
References
Link | Resource |
---|---|
https://cybersecurityworks.com/zerodays/cve-2020-29324-d-link-router-dir-895l-mfc-telnet-hardcoded-credentials.html | Exploit Third Party Advisory |
https://cybersecurityworks.com/zerodays/cve-2020-29324-d-link-router-dir-895l-mfc-telnet-hardcoded-credentials.html | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:23
Type | Values Removed | Values Added |
---|---|---|
References | () https://cybersecurityworks.com/zerodays/cve-2020-29324-d-link-router-dir-895l-mfc-telnet-hardcoded-credentials.html - Exploit, Third Party Advisory |
Information
Published : 2021-06-04 20:15
Updated : 2024-11-21 05:23
NVD link : CVE-2020-29324
Mitre link : CVE-2020-29324
CVE.ORG link : CVE-2020-29324
JSON object : View
Products Affected
dlink
- dir-895l_mfc_firmware
- dir-895l_mfc
CWE
CWE-312
Cleartext Storage of Sensitive Information