CVE-2020-29323

HIGH

D-link DIR-885L-MFC - Info Disclosure

Title source: llm

Description

The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.

References (1)

[Exploit, Third Party Advisory] https://cybersecurityworks.com/zerodays/cve-2020-29323-telnet-hardcoded-credentials.html

Scores

CVSS v3 7.5

EPSS 0.0083

EPSS Percentile 74.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522 CWE-798

Status published

Affected Products (2)

dlink/dir-885l-mfc_firmware

Timeline

Published Jun 04, 2021

Tracked Since Feb 18, 2026