Vulnerability Details CVE-2021-46441
In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.55
EPSS Ranking 97.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2021-46441
-
cpe:2.3:h:dlink:dir-825:g1
-
cpe:2.3:o:dlink:dir-825_firmware:-