A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
References
| Link | Resource |
|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284 | Exploit Third Party Advisory |
| https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
21 Nov 2024, 05:49
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284 - Exploit, Third Party Advisory |
29 Jul 2022, 14:52
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-78 | |
| CVSS |
v2 : v3 : |
v2 : 9.0
v3 : 7.2 |
22 Jul 2021, 14:02
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284 - Exploit, Third Party Advisory | |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-3040:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
16 Jul 2021, 11:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-07-16 11:15
Updated : 2024-11-21 05:49
NVD link : CVE-2021-21819
Mitre link : CVE-2021-21819
CVE.ORG link : CVE-2021-21819
JSON object : View
Products Affected
dlink
- dir-3040_firmware
- dir-3040
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')