Command Injection Vulnerability in D-Link DCS-2530L and DCS-2670L Devices
CVE-2020-25079

8.8HIGH

Key Information:

Vendor: D-Link
Status: Dcs-2530l Firmware
Vendor: CVE Published:; 2 September 2020

Badges

👾 Exploit Exists🟣 EPSS 45%🦅 CISA Reported

What is CVE-2020-25079?

Authenticated command injection vulnerability exists in D-Link DCS-2530L and DCS-2670L devices, allowing attackers to execute arbitrary commands through the cgi-bin/ddns_enc.cgi interface. Users are urged to update their devices to the latest firmware to mitigate the risk posed by this security flaw.

CISA has reported CVE-2020-25079

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2020-25079 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

References

https://supportannouncement.us.dlink.com/announcement/pub...

x_refsource_MISC

https://twitter.com/Dogonsecurity/status/1271265152118259712

x_refsource_MISC

EPSS Score

45% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 5, 2025
🦅
CISA Reported
Aug 5, 2025
Vulnerability published
Sep 2, 2020
Vulnerability Reserved
Sep 2, 2020