CVE-2021-3707

D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2750u:-:*:*:*:*:*:*:*

History

25 Oct 2022, 16:04

Type Values Removed Values Added
CWE CWE-862 NVD-CWE-Other

22 Mar 2022, 19:21

Type Values Removed Values Added
CPE cpe:2.3:o:d-link:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:d-link:dsl-2750u:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2750u:-:*:*:*:*:*:*:*

24 Aug 2021, 17:48

Type Values Removed Values Added
CWE CWE-862
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 5.5
CPE cpe:2.3:o:d-link:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:d-link:dsl-2750u:-:*:*:*:*:*:*:*
References (MISC) https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20(firmware%20version%201.6)/README.md - (MISC) https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20(firmware%20version%201.6)/README.md - Third Party Advisory
References (CONFIRM) https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10230 - (CONFIRM) https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10230 - Vendor Advisory
References (JVN) https://jvn.jp/en/vu/JVNVU92088210/ - (JVN) https://jvn.jp/en/vu/JVNVU92088210/ - Third Party Advisory

16 Aug 2021, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-16 05:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-3707

Mitre link : CVE-2021-3707

CVE.ORG link : CVE-2021-3707


JSON object : View

Products Affected

dlink

  • dsl-2750u
  • dsl-2750u_firmware
CWE
NVD-CWE-Other CWE-15

External Control of System or Configuration Setting