DIR-825 G1
by Dlink
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-46441 | 0.01 | — | 0.32 | Apr 27, 2022 | In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization. | |||
| CVE-2021-46442 | 0.01 | — | 0.55 | Apr 27, 2022 | In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization. |
- CVE-2021-46441Apr 27, 2022risk 0.01cvss —epss 0.32
In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization.
- CVE-2021-46442Apr 27, 2022risk 0.01cvss —epss 0.55
In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.