CVE-2021-29379 - CERT CVE
ID CVE-2021-29379
Sažetak An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Reference
CVSS
Base: 5.8
Impact: 6.4
Exploitability:6.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 03-08-2024 - 22:15
Objavljeno 12-04-2021 - 05:15