Описание
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.16 (включая)
Одновременно
cpe:2.3:o:dlink:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2750u:-:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17115
Средний
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device.
EPSS
Процентиль: 95%
0.17115
Средний
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78
CWE-78