CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-44127

In DLink DAP-1360 F1 firmware version <=v6.10 in the "webupg" binary, an attacker can use the "file" parameter to execute arbitrary system commands when the parameter is "name=deleteFile" after being authorized.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.135

EPSS Ranking 93.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://github.com/tgp-top/DAP-1360/blob/main/README.md
https://www.dlink.com/en/security-bulletin/
https://github.com/tgp-top/DAP-1360/blob/main/README.md
https://www.dlink.com/en/security-bulletin/

Products affected by CVE-2021-44127

Dlink » Dap-1360 » Version: N/A

cpe:2.3:h:dlink:dap-1360:-
Dlink » Dap-1360f1 Firmware » Version: 6.10

cpe:2.3:o:dlink:dap-1360f1_firmware:6.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-44127

Products

Pricing

Contact Us