First published: Fri Jul 16 2021(Updated: )
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-3040 Firmware | =1.13b03 | |
Dlink Dir-3040 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-21816 is an information disclosure vulnerability that exists in the Syslog functionality of D-LINK DIR-3040 1.13B03.
CVE-2021-21816 has a severity rating of 4.3 (medium severity).
CVE-2021-21816 can lead to the disclosure of sensitive information when a specially crafted network request is sent to the Syslog functionality.
Yes, an attacker can exploit CVE-2021-21816 remotely by sending a malicious HTTP request.
To fix CVE-2021-21816, it is recommended to update the D-LINK DIR-3040 firmware to a version that addresses the vulnerability.