Unrated severityCISA KEVNVD Advisory· Published Oct 19, 2022· Updated Oct 21, 2025
CVE-2016-20017
CVE-2016-20017
Description
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
1- What do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)SANS Internet Storm Center · Jun 25, 2026