9.8
CVE-2021-46442
- EPSS 8.69%
- Veröffentlicht 27.04.2022 11:15:44
- Zuletzt bearbeitet 21.11.2024 06:34:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginIn the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dlink ≫ Dir-825 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.69% | 0.921 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|