What is CVE-2021-45382?

CVE-2021-45382 is a Remote Code Execution (RCE) vulnerability in multiple D-Link routers.

Which D-Link routers are affected by CVE-2021-45382?

The following D-Link routers are affected by CVE-2021-45382: DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L.

CVE-2021-45382 has a severity rating of 9.8 (Critical).

CVE-2021-45382 allows remote attackers to execute arbitrary code on the affected D-Link routers through the DDNS function in the ncc2 binary file.

To fix CVE-2021-45382, it is recommended to update the firmware of the affected D-Link routers to the latest version provided by D-Link.

Exploited

CWE

17/2/2022

4/8/2024

First published: Thu Feb 17 2022(Updated: )

A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file.

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

The impacted product is end-of-life and should be disconnected if still in use.

What is CVE-2021-45382?
CVE-2021-45382 is a Remote Code Execution (RCE) vulnerability in multiple D-Link routers.
Which D-Link routers are affected by CVE-2021-45382?
The following D-Link routers are affected by CVE-2021-45382: DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L.
What is the severity of CVE-2021-45382?
CVE-2021-45382 has a severity rating of 9.8 (Critical).
How does CVE-2021-45382 work?
CVE-2021-45382 allows remote attackers to execute arbitrary code on the affected D-Link routers through the DDNS function in the ncc2 binary file.
How can I fix CVE-2021-45382?
To fix CVE-2021-45382, it is recommended to update the firmware of the affected D-Link routers to the latest version provided by D-Link.