Lucene search

[email protected]CVE-2021-21818

HistoryJul 16, 2021 - 11:15 a.m.

CVE-2021-21818

2021-07-1611:15:00

CWE-798

[email protected]

web.nvd.nist.gov

cve-2021-21818

hard-coded password

vulnerability

zebra ip routing manager

d-link dir-3040

denial of service

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

44.3%

JSON

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability.

CPENameOperatorVersion
dlink:dir-3040_firmwaredlink dir-3040 firmwareeq1.13b03

CPE	Name	Operator	Version
dlink:dir-3040_firmware	dlink dir-3040 firmware	eq	1.13b03

References

talosintelligence.com/vulnerability_reports/TALOS-2021-1283

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

44.3%

JSON

Related for CVE-2021-21818

seebug1 prion1 talos1 cnvd1 openvas1 talosblog1