The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Tuesday added three outdated security flaws impacting D-Hyperlink routers to its Identified Exploited Vulnerabilities (KEV) catalog, based mostly on proof of lively exploitation within the wild.
The high-severity vulnerabilities, that are from 2020 and 2022, are listed beneath –
- CVE-2020-25078 (CVSS rating: 7.5) – An unspecified vulnerability in D-Hyperlink DCS-2530L and DCS-2670L gadgets that would enable for distant administrator password disclosure
- CVE-2020-25079 (CVSS rating: 8.8) – An authenticated command injection vulnerability within the cgi-bin/ddns_enc.cgi element affecting D-Hyperlink DCS-2530L and DCS-2670L gadgets
- CVE-2020-40799 (CVSS rating: 8.8) – A obtain of code with out an integrity examine vulnerability in D-Hyperlink DNR-322L that would enable an authenticated attacker to execute working system-level instructions on the gadget
There are at the moment no particulars on how these shortcomings are being exploited within the wild, though a December 2024 advisory from the U.S. Federal Bureau of Investigation (FBI) warned of HiatusRAT campaigns actively scanning internet cameras which can be susceptible to CVE-2020-25078.
It is price noting that CVE-2020-40799 stays unpatched because of the affected mannequin reaching end-of-life (EoL) standing as of November 2021. Customers nonetheless counting on DNR-322L are suggested to discontinue and substitute them. Fixes for the opposite two flaws had been launched by D-Hyperlink in 2020.
In gentle of lively exploitation, it is important that Federal Civilian Government Department (FCEB) companies perform the mandatory mitigation steps by August 26, 2025, to safe their networks.
