🔴 CVE-2020-25078

D-Link DCS-2530L and DCS-2670L IP cameras expose an unauthenticated /config/getuser endpoint that allows remote disclosure of administrator passwords. This vulnerability enables direct network exploitation against internet-facing security cameras commonly deployed for remote monitoring.

← Back to Overview
HIGH_RISK
Risk Level
7.5
CVSS Score
NETWORK
Attack Vector
Initial Access
ATT&CK Tactic
T1190 — Exploit Public-Facing Application
ATT&CK Technique
HIGH
Deployment Risk
No
Ransomware

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2020-09-02

Added to CISA KEV: 2025-08-05 1798 DAYS BETWEEN CVE AND KEV

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2026-06-04)

CVE-2020-25078 is a high-severity information disclosure vulnerability affecting certain D-Link DCS series cameras [2]. It is officially recognized in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog, indicating it has been actively exploited in the wild [1].

Technical Details and Exploitation
  • Attack Method: The vulnerability exists in the `/config/getuser` endpoint of the affected devices [1].
  • Requirements: Exploitation is unauthenticated and network-based, meaning an attacker does not need prior access or user interaction to trigger the flaw [1].
  • Impact: Successful exploitation allows a remote attacker to disclose the administrator password for the device, granting them unauthorized administrative access [1] [2].
Affected Products and Mitigation
The following device versions are known to be affected:
  • D-Link DCS-2530L: Versions before 1.06.01 Hotfix [1].
  • D-Link DCS-2670L: Versions through 2.02 [1].
Users of these devices are advised to consult CISA’s Binding Operational Directive (BOD) 22-01 and the Known Exploited Vulnerabilities Catalog for specific remediation requirements and guidance [1]. Generally, applying the latest available firmware updates provided by the manufacturer is the primary mitigation strategy.

Sources

  1. NVD - CVE-2020-25078

    This CVE is in CISA's Known Exploited Vulnerabilities Catalog Reference CISA's BOD 22-01 and Known Exploited Vulnerabilities Catalog for further guidance and requirements. ... CVE-2020-25078 Detail. Description. An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through…

  2. CVE-2020-25078 | High Vulnerability in D-Link DCS-2530L and ...

    A high-severity vulnerability affecting D-Link DCS-2530L and DCS-2670L devices could allow unauthorized access to administrator passwords.

Generated by PatchNow Intelligence System

Analysis based on CIRCL.LU data, Claude AI assessment, and MITRE ATT&CK framework

📄 Download JSON Data | 📡 RSS Feed