CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-29294

Null Pointer Dereference vulnerability exists in D-Link DSL-2740R UK_1.01, which could let a remove malicious user cause a denial of service via the send_hnap_unauthorized function. It could be triggered by sending crafted POST request to /HNAP1/. NOTE: The DSL-2740R and all hardware revisions are considered End of Life and as such this issue will not be patched

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10213
https://www.dlink.com/en/security-bulletin/
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10213
https://www.dlink.com/en/security-bulletin/

Products affected by CVE-2021-29294

Dlink » Dsl-2740r » Version: N/A

cpe:2.3:h:dlink:dsl-2740r:-
Dlink » Dsl-2740r Firmware » Version: uk_1.01

cpe:2.3:o:dlink:dsl-2740r_firmware:uk_1.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-29294

Products

Pricing

Contact Us