Lucene search

[email protected]NVD:CVE-2021-3707

HistoryAug 16, 2021 - 5:15 a.m.

CVE-2021-3707

2021-08-1605:15:06

CWE-15

[email protected]

web.nvd.nist.gov

d-link

router

firmware

vulnerability

unauthorized configuration

modification

unauthenticated attacker

local network

cve-2021-3708

os commands

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

21.0%

JSON

D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.

Affected configurations

Nvd

Node

dlinkdsl-2750u_firmwareRange≤1.16

AND

dlinkdsl-2750uMatch-

References

github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20%28firmware%20version%201.6%29/README.md

jvn.jp/en/vu/JVNVU92088210/

supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10230

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

21.0%

JSON

Related for NVD:CVE-2021-3707

cvelist2 githubexploit2 prion2 nvd1 cve2 cnvd2