Details of VAR-202004-2274

ID

VAR-202004-2274

TITLE

D-Link DWL-2600 authentication remote command injection vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-22738

DESCRIPTION

D-Link DWL-2600 is a wireless access point device. D-Link DWL-2600 has a security hole. Attackers can use vulnerabilities to inject arbitrary commands.

Trust: 0.6

sources: CNVD: CNVD-2020-22738

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-22738

AFFECTED PRODUCTS

vendor:

d link

model:

dwl-2600

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2020-22738

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-22738
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2020-22738
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-22738

EXTERNAL IDS

db:	EXPLOITALERT	id:	35272	Trust: 0.6
db:	CNVD	id:	CNVD-2020-22738	Trust: 0.6

sources: CNVD: CNVD-2020-22738

REFERENCES

url:

https://www.exploitalert.com/view-details.html?id=35272

Trust: 0.6

sources: CNVD: CNVD-2020-22738

SOURCES

db:

CNVD

id:

CNVD-2020-22738

LAST UPDATE DATE

2022-05-17T01:46:20.522000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-22738

date:

2020-04-16T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-22738

date:

2020-04-14T00:00:00