VYPR

DIR-825 G1

by Dlink

CVEs (2)

  • CVE-2021-46441Apr 27, 2022
    risk 0.01cvss epss 0.32

    In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization.

  • CVE-2021-46442Apr 27, 2022
    risk 0.01cvss epss 0.55

    In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.