Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 15, 2022

CVE-2020-9377

High
EPSS 76.6%CISA KEV
D-Link/DIR-610 Devices

Description

D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.

EPSS — Exploit Probability

76.6%

Higher than 98.9% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2020-9377

Risk Assessment

HIGH
In CISA KEV
High EPSS

Details

Severity
High
EPSS
76.6%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

Mar 25, 2022

Added to KEV

Mar 25, 2022

Remediation Due

Apr 15, 2022

Affected Product

D-Link

DIR-610 Devices

View all D-Link CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE