CVE-2021-21819: OS Command Injection
First published: Fri Jul 16 2021(Updated: )
A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dir-3040 Firmware | =1.13b03 | |
| Dlink Dir-3040 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this code execution vulnerability?
The vulnerability ID is CVE-2021-21819.
What is the severity rating of CVE-2021-21819?
The severity rating of CVE-2021-21819 is critical with a score of 7.2.
Which software is affected by this vulnerability?
The D-LINK DIR-3040 version 1.13B03 firmware is affected by this vulnerability.
How can this vulnerability be exploited?
This vulnerability can be exploited by sending a specially crafted network request that can lead to arbitrary command execution.
Is there any reference or additional information about this vulnerability?
Yes, you can find more information about CVE-2021-21819 at the following reference link: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284
- collector/nvd-index
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/type
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/dlink
- canonical/dlink dir-3040 firmware
- version/dlink dir-3040 firmware/1.13b03
- canonical/dlink dir-3040