First published: Fri Jan 29 2021(Updated: )
An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to achieve pre-authentication remote code execution.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-825 R1 Firmware | <=3.0.1 | |
Dlink Dir-825 | =r1 | |
Dlink Dir-825\/a | =d1a | |
Dlink Dir-825\/ac | =e | |
Dlink Dir-825\/ac | =e1a | |
Dlink Dir-825\/acf | =f1 | |
Dlink Dir-825\/gf | =gf | |
D-Link DIR-825 R1 Devices | ||
All of | ||
Any of | ||
Dlink Dir-825 | =r1 | |
Dlink Dir-825\/a | =d1a | |
Dlink Dir-825\/ac | =e | |
Dlink Dir-825\/ac | =e1a | |
Dlink Dir-825\/acf | =f1 | |
Dlink Dir-825\/gf | =gf | |
Dlink Dir-825 R1 Firmware | <=3.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-29557 is a buffer overflow vulnerability found in D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20.
CVE-2020-29557 has a severity rating of 9.8, which is considered critical.
Attackers can exploit CVE-2020-29557 by leveraging the buffer overflow in the web interface to achieve pre-authentication remote code execution.
Yes, D-Link DIR-825 R1 firmware version 3.0.1 is vulnerable to CVE-2020-29557.
To fix CVE-2020-29557, it is advised to update the firmware of the affected D-Link DIR-825 R1 devices to a version beyond 3.0.1 released after 2020-11-20.