CVE-2021-43474 β€” Command Injection in Dlink Dir-823g Firmware

CWE-77 β€” Command Injection3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
3.4%
top 12.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dir-823g Firmware
Timeline
PublishedApr 7
Latest updateApr 9

Description

An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

β–ΆNVDdlink/dir-823g_firmware1.02b05

πŸ”΄Vulnerability Details

2
GHSA
GHSA-vp8j-4ggx-7j67: An Access Control vulnerability exists in D-Link DIR-823G REVA1 1β†—2022-04-09
β–Ά
CVEList
CVE-2021-43474: An Access Control vulnerability exists in D-Link DIR-823G REVA1 1β†—2022-04-07
β–Ά
CVE-2021-43474 β€” Command Injection in Dlink | cvebase