CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-29295

Null Pointer Dereference vulnerability exists in D-Link DSP-W215 1.10, which could let a remote malicious user cause a denial of servie via usr/bin/lighttpd. It could be triggered by sending an HTTP request without URL in the start line directly to the device. NOTE: The DSP-W215 and all hardware revisions is considered End of Life and as such this issue will not be patched

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10211
https://www.dlink.com/en/security-bulletin/
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10211
https://www.dlink.com/en/security-bulletin/

Products affected by CVE-2021-29295

Dlink » Dsp-W215 » Version: N/A

cpe:2.3:h:dlink:dsp-w215:-
Dlink » Dsp-W215 Firmware » Version: 1.10

cpe:2.3:o:dlink:dsp-w215_firmware:1.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-29295

Products

Pricing

Contact Us