[ad_1]
D-Link has a firmware update for the Wireless access point DAP-2020 released that fixes three vulnerabilities. These could each be exploited without any authentication by attackers from neighboring networks (“network-adjacent attackers”) to execute code with root privileges (CVE-2021-27248, CVE-2021-27249, “High” classification, CVSS- Score 8.8) or to read out saved access data (CVE-2021-27250, Medium, 6.5).
Firmware versions up to and including v1.01 are affected by the vulnerabilities; D-Link has provided the hotfix v1.03rc002 and advises device owners to apply it quickly. The download link as well as further information are available D-Links Advisory on the gaps in DAP-2020 refer to.
[ad_2]