Vulnerabilities > Dlink > DSR 250 Firmware > 3.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2020-18568 | OS Command Injection vulnerability in Dlink Dsr-1000N Firmware and Dsr-250 Firmware The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which can cause remote command execution. | 9.8 |
| 2020-12-15 | CVE-2020-25759 | OS Command Injection vulnerability in Dlink products An issue was discovered on D-Link DSR-250 3.17 devices. | 8.8 |
| 2020-12-15 | CVE-2020-25758 | Improper Validation of Integrity Check Value vulnerability in Dlink products An issue was discovered on D-Link DSR-250 3.17 devices. | 8.8 |
| 2020-12-15 | CVE-2020-25757 | OS Command Injection vulnerability in Dlink products A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. | 8.8 |