Unrated severityNVD Advisory· Published Aug 16, 2021· Updated Aug 3, 2024

CVE-2021-3708

Description

D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device.

Affected products

Dlink/DSL-2750Ecpe-rescue
Range: firmware vME1.16 or prior versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/vu/JVNVU92088210/mitrethird-party-advisoryx_refsource_JVN
github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20%28firmware%20version%201.6%29/README.mdmitrex_refsource_MISC
supportannouncement.us.dlink.com/announcement/publication.aspxmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.014
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000