VYPR
Unrated severityNVD Advisory· Published Dec 15, 2020· Updated Aug 4, 2024

CVE-2020-25758

CVE-2020-25758

Description

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • D-Link/DSR-250description
  • Dlink/Dsr 250llm-fuzzy
    Range: = 3.17

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.