5.5

CVE-2021-3707

D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DlinkDsl-2750u Firmware Version <= 1.16
   DlinkDsl-2750u Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.54% 0.717
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
CWE-15 External Control of System or Configuration Setting

One or more system settings or configuration elements can be externally controlled by a user.

https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20%28firmware%20version%201.6%29/README.md
https://jvn.jp/en/vu/JVNVU92088210/
Third Party Advisory
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10230
Vendor Advisory