CVE-2020-25758

Posted on by admin

CVE-2020-25758

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root.

Source: CVE-2020-25758

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다