CVE-2020-25506

D-Link DNS-320 Device Command Injection Vulnerability

D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution. Vendor/Product: D-Link DNS-320 Device. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2020-25506