
CISA Adds Critical D-Link Vulnerabilities to Exploited Flaws Catalog


TL;DR

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities in D-Link cameras and Network Video Recorders to its Known Exploited Vulnerabilities (KEV) catalog. They allow unauthenticated disclosure of the admin password and authenticated command execution on the affected devices, and their presence in the catalog means they are being exploited in the wild. Federal agencies must remediate them by August 26, 2025; private organizations are advised to check for affected devices and fix them as well.

Main Content

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities in D-Link cameras and Network Video Recorders to its Known Exploited Vulnerabilities (KEV) catalog. A vulnerability is only listed in the KEV catalog when CISA has evidence that it is being actively exploited, so the listing is a signal that these older flaws are still being used against exposed devices and should be remediated without delay.

Detailed Vulnerabilities

The vulnerabilities identified by CISA include:

  • CVE-2020-25078: D-Link DCS-2530L (before 1.06.01 Hotfix) and DCS-2670L (through 2.02) cameras expose an unauthenticated endpoint from which a remote attacker can retrieve the admin password [1].

  • CVE-2020-25079: The same DCS-2530L (before 1.06.01 Hotfix) and DCS-2670L (through 2.02) cameras have a command injection flaw in cgi-bin/ddns_enc.cgi; it requires authentication, which the previous flaw provides [2].

  • CVE-2022-40799: The “Backup Config” feature of the D-Link DNR-322L NVR (2.60B15 and earlier) does not verify the integrity of the configuration it restores, so an authenticated attacker can supply a crafted backup and run OS-level commands on the device [3].
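The affected-version ranges above are the whole of what a defender needs to triage an inventory, but D-Link firmware strings such as “1.06.01 Hotfix” and “2.60B15” do not compare correctly as plain strings. The following script is an added example, not code from the original post, from D-Link or from CISA: it encodes the three ranges from the CVE descriptions and checks a constructed device inventory against them. The inventory records, the firmware-string grammar it accepts, and the assumed ordering (numeric parts, then “B” build number, then a hotfix flag) are assumptions made for this example.

```python
"""Triage a device inventory against the three D-Link KEV entries listed above.

Added example, not code from the original post, D-Link or CISA. Affected
ranges come from the CVE descriptions; the inventory and the firmware-string
grammar ("1.06.01", "1.06.01 Hotfix", "2.60B15") are assumptions.
"""
import re

KEV_DUE_DATE = "2025-08-26"  # BOD 22-01 remediation deadline given in the post

# Affected ranges as (CVE, model, boundary version, boundary-inclusive?).
# "before X" -> inclusive=False ; "through X" / "X and earlier" -> inclusive=True.
RULES = [
    ("CVE-2020-25078", "DCS-2530L", "1.06.01 Hotfix", False),
    ("CVE-2020-25078", "DCS-2670L", "2.02", True),
    ("CVE-2020-25079", "DCS-2530L", "1.06.01 Hotfix", False),
    ("CVE-2020-25079", "DCS-2670L", "2.02", True),
    ("CVE-2022-40799", "DNR-322L", "2.60B15", True),
]

# Constructed inventory: (hostname, model, firmware string). Not real devices.
INVENTORY = [
    ("cam-lobby", "DCS-2530L", "1.05.00"),
    ("cam-dock", "DCS-2530L", "1.06.01 Hotfix"),
    ("cam-yard", "DCS-2670L", "2.02"),
    ("cam-gate", "DCS-2670L", "2.03"),
    ("nvr-01", "DNR-322L", "2.60B15"),
    ("nvr-02", "DNR-322L", "2.61B03"),
    ("sw-core", "DGS-1210", "6.30"),  # model not covered by any rule
]

# Assumed grammar: dotted numbers, optional "B<build>", optional " Hotfix".
_FW_RE = re.compile(r"(\d+(?:\.\d+)*)(?:B(\d+))?(?:\s+(hotfix))?", re.IGNORECASE)


def version_key(fw):
    """Turn a firmware string into a tuple that orders the way D-Link versions do.

    Assumed ordering: dotted numeric parts (zero-padded to three components),
    then the "B" build number, then a hotfix flag, so that
    "1.06.01" < "1.06.01 Hotfix" and "2.60B15" < "2.61B03".
    """
    m = _FW_RE.fullmatch(fw.strip())
    if not m:
        raise ValueError(f"unrecognised firmware string: {fw!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (3 - len(parts))
    build = int(m.group(2)) if m.group(2) else 0
    hotfix = 1 if m.group(3) else 0
    return (tuple(parts), build, hotfix)


def affected_cves(model, fw):
    """Return the sorted CVEs from RULES whose affected range contains (model, fw)."""
    key = version_key(fw)
    hits = set()
    for cve, rule_model, bound, inclusive in RULES:
        if rule_model != model:
            continue
        bound_key = version_key(bound)
        if key < bound_key or (inclusive and key == bound_key):
            hits.add(cve)
    return sorted(hits)


def triage(inventory):
    """Map hostname -> affected CVEs, for devices that have at least one hit."""
    findings = {}
    for host, model, fw in inventory:
        cves = affected_cves(model, fw)
        if cves:
            findings[host] = cves
    return findings


if __name__ == "__main__":
    for host, cves in triage(INVENTORY).items():
        print(f"{host}: {', '.join(cves)} (remediate by {KEV_DUE_DATE})")
```

Run against the constructed inventory, the script flags cam-lobby and cam-yard for both camera CVEs and nvr-01 for CVE-2022-40799, while the hotfixed DCS-2530L, the DCS-2670L on 2.03 and the DNR-322L on 2.61B03 are reported clean. The boundary handling matters: “before 1.06.01 Hotfix” means a camera reporting plain 1.06.01 is still affected, and a string comparison would have ranked “2.60B15” above “2.61B03”.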

Compliance and Recommendations

Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must remediate every vulnerability in the KEV catalog by the due date CISA assigns to it. For these three D-Link vulnerabilities that deadline is August 26, 2025.

In addition to federal agencies, CISA strongly recommends that private organizations review the Catalog and take necessary steps to address these vulnerabilities within their own infrastructure.

Stay Informed


For further insights and detailed analysis, you can refer to the original article by Pierluigi Paganini on Security Affairs.

Conclusion

The inclusion of these D-Link vulnerabilities in CISA’s KEV catalog is a reminder that they are not theoretical: the catalog only lists flaws with evidence of active exploitation. Federal agencies and private organizations alike should identify any DCS-2530L, DCS-2670L and DNR-322L devices on their networks, confirm their firmware versions against the affected ranges above, and remediate them promptly.

References

  1. CVE-2020-25078. D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability. CVE. Retrieved 2025-08-06.

  2. CVE-2020-25079. D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability. CVE. Retrieved 2025-08-06.

  3. CVE-2022-40799. D-Link DNR-322L Download of Code Without Integrity Check Vulnerability. CVE. Retrieved 2025-08-06.

This post is licensed under CC BY 4.0 by the author.