First published: Thu Sep 09 2021(Updated: )
D-Link DSL-3782 EU v1.01:EU v1.03 is affected by a buffer overflow which can cause a denial of service. This vulnerability exists in the web interface "/cgi-bin/New_GUI/Igmp.asp". Authenticated remote attackers can trigger this vulnerability by sending a long string in parameter 'igmpsnoopEnable' via an HTTP request.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dsl-3782 Firmware | =eu_1.01 | |
Dlink Dsl-3782 Firmware | =eu_1.03 | |
Dlink Dsl-3782 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-40284.
The severity of CVE-2021-40284 is medium with a CVSS score of 6.5.
The D-Link DSL-3782 EU firmware versions eu_1.01 and eu_1.03 are affected by CVE-2021-40284.
Authenticated remote attackers can trigger CVE-2021-40284 by sending a long string in the 'igmpsnoopEnable' parameter via the web interface '/cgi-bin/New_GUI/Igmp.asp'.
Yes, you can find the official references for CVE-2021-40284 at the following links: [SAP10245](https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10245) and [D-Link Security Bulletin](https://www.dlink.com/en/security-bulletin/).