Unrated severityCISA KEVNVD Advisory· Published Sep 2, 2020· Updated Oct 21, 2025

CVE-2020-25078

Description

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.

Affected products

D-Link/DCS-2530Ldescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

supportannouncement.us.dlink.com/announcement/publication.aspxmitrex_refsource_MISC
twitter.com/Dogonsecurity/status/1273251236167516161mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000