Hub WAF rule

More info

vpatch-CVE-2020-25078 WAF Rule

« D-Link - Information Disclosure »
v0.1 by crowdsecurity
WAF rule

Detects unauthorized access to D-Link camera administrator password disclosure endpoint.

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2020-25078

YAML Configuration

1## autogenerated on 2025-09-24 14:17:17
2name: crowdsecurity/vpatch-CVE-2020-25078
3description: 'Detects unauthorized access to D-Link camera administrator password disclosure endpoint.'
4rules:
5  - and:
6    - zones:
7        - URI
8      transform:
9        - lowercase
10        - urldecode
11      match:
12        type: contains
13        value: '/config/getuser'
14    - zones:
15        - ARGS
16      variables:
17        - 'index'
18      transform:
19        - lowercase
20        - urldecode
21      match:
22        type: regex
23        value: '^[0-9]+$'
24labels:
25  type: exploit
26  service: http
27  confidence: 3
28  spoofable: 0
29  behavior: 'http:exploit'
30  label: 'D-Link - Information Disclosure'
31  classification:
32    - cve.CVE-2020-25078
33    - attack.T1592
34    - cwe.CWE-200
35

Hub WAF rule

« D-Link - Information Disclosure »v0.1 by crowdsecurityWAF rule

« D-Link - Information Disclosure »
v0.1 by crowdsecurity
WAF rule