Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-46378

Severity

7.5HIGH

EPSS

33.1%

top 3.11%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedMar 4

Latest updateMay 11

Description

DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

GHSA

GHSA-mqqv-pqjp-vhjw: DLink DIR850 ET850-1↗2022-03-05

▶

CVEList

CVE-2021-46378: DLink DIR850 ET850-1↗2022-03-04

▶

Exploit-DB

DLINK DIR850 - Insecure Access Control↗2022-05-11

▶