First published: Tue Aug 10 2021(Updated: )
** UNSUPPORTED WHEN ASSIGNED **Null Pointer Dereference vulnerability in D-Link DIR-825 2.10b02, which could let a remote malicious user cause a denial of service. The vulnerability could be triggered by sending an HTTP request with URL /vct_wan; the sbin/httpd would invoke the strchr function and take NULL as a first argument, which finally leads to the segmentation fault. NOTE: The DIR-825 and all hardware revisions is considered End of Life and as such this issue will not be patched.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-825 Firmware | =2.10b02 | |
Dlink Dir-825 | ||
All of | ||
Dlink Dir-825 Firmware | =2.10b02 | |
Dlink Dir-825 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-29296.
The title of the vulnerability is 'Null Pointer Dereference vulnerability in D-Link DIR-825 2.10b02.'
The severity of CVE-2021-29296 is high (7.5).
A remote malicious user can exploit CVE-2021-29296 by sending an HTTP request with URL /vct_wan.
It is recommended to check the D-Link security bulletin (link provided) for information on available fixes.