CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28839

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_certificate function of sbin/httpd binary. When the binary handle the specific HTTP GET request, the strrchr in the upload_certificate function would take NULL as first argument, and incur the NULL pointer dereference vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2021-28839

Dlink » Dap-2310 » Version: N/A

cpe:2.3:h:dlink:dap-2310:-
Dlink » Dap-2330 » Version: N/A

cpe:2.3:h:dlink:dap-2330:-
Dlink » Dap-2360 » Version: N/A

cpe:2.3:h:dlink:dap-2360:-
Dlink » Dap-2553 » Version: N/A

cpe:2.3:h:dlink:dap-2553:-
Dlink » Dap-2660 » Version: N/A

cpe:2.3:h:dlink:dap-2660:-
Dlink » Dap-2690 » Version: N/A

cpe:2.3:h:dlink:dap-2690:-
Dlink » Dap-2695 » Version: N/A

cpe:2.3:h:dlink:dap-2695:-
Dlink » Dap-3320 » Version: N/A

cpe:2.3:h:dlink:dap-3320:-
Dlink » Dap-3662 » Version: N/A

cpe:2.3:h:dlink:dap-3662:-
Dlink » Dap-2310 Firmware » Version: 2.0.7.rc031

cpe:2.3:o:dlink:dap-2310_firmware:2.0.7.rc031
Dlink » Dap-2330 Firmware » Version: 1.07.rc028

cpe:2.3:o:dlink:dap-2330_firmware:1.07.rc028
Dlink » Dap-2360 Firmware » Version: 2.07.rc043

cpe:2.3:o:dlink:dap-2360_firmware:2.07.rc043
Dlink » Dap-2553 Firmware » Version: 3.06.rc027

cpe:2.3:o:dlink:dap-2553_firmware:3.06.rc027
Dlink » Dap-2660 Firmware » Version: 1.13.rc074

cpe:2.3:o:dlink:dap-2660_firmware:1.13.rc074
Dlink » Dap-2690 Firmware » Version: 3.16.rc100

cpe:2.3:o:dlink:dap-2690_firmware:3.16.rc100
Dlink » Dap-2695 Firmware » Version: 1.17.rc063

cpe:2.3:o:dlink:dap-2695_firmware:1.17.rc063
Dlink » Dap-3320 Firmware » Version: 1.01.rc014

cpe:2.3:o:dlink:dap-3320_firmware:1.01.rc014
Dlink » Dap-3662 Firmware » Version: 1.01.rc022

cpe:2.3:o:dlink:dap-3662_firmware:1.01.rc022

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28839

Products

Pricing

Contact Us