Unauthenticated Access to Reboot Vulnerability in D-Link DSR-250N Devices

Unauthenticated Access to Reboot Vulnerability in D-Link DSR-250N Devices

CVE-2020-26567 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes.

Learn more about our Web Application Penetration Testing UK.