Versio.io

CVE-2021-45382

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 17-02-2022 10:15
Last modified: - 25-02-2022 10:25
Total changes: - 3

Description

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=dlink AND product=dir-820l_firmware AND version=-
OR
vendor=dlink AND product=dir-820l AND version=-
AND
OR
vendor=dlink AND product=dir-820lw_firmware AND version=-
OR
vendor=dlink AND product=dir-820lw AND version=-
AND
OR
vendor=dlink AND product=dir-826l_firmware AND version=-
OR
vendor=dlink AND product=dir-826l AND version=-
AND
OR
vendor=dlink AND product=dir-830l_firmware AND version=-
OR
vendor=dlink AND product=dir-830l AND version=-
AND
OR
vendor=dlink AND product=dir-836l_firmware AND version=-
OR
vendor=dlink AND product=dir-836l AND version=-
AND
OR
vendor=dlink AND product=dir-810l_firmware AND version=-
OR
vendor=dlink AND product=dir-810l AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2021-45382

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.