Unrated severityNVD Advisory· Published Aug 10, 2021· Updated Aug 3, 2024

CVE-2021-28838

Description

Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in the sbin/httpd binary. The crash happens at the `atoi' operation when a specific network package are sent to the httpd binary.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

D-Link/DAP-2310description
Dlink/DAP-2310llm-fuzzy
Range: =2.10RC039
Dlink/DAP-2330llm-fuzzy
Range: =1.10RC036
Dlink/DAP-2360llm-fuzzy
Range: =2.10RC055

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

github.com/zyw-200/EQUAFL/blob/main/dlink-email-cve.pdfmitrex_refsource_MISC
github.com/zyw-200/EQUAFL/blob/main/dlink-email-cve2.pdfmitrex_refsource_MISC
www.dlink.com/en/security-bulletin/mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000