Vulnerability Description
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-820L Firmware | - |
| Dlink | Dir-820L | - |
| Dlink | Dir-820Lw Firmware | - |
| Dlink | Dir-820Lw | - |
| Dlink | Dir-826L Firmware | - |
| Dlink | Dir-826L | - |
| Dlink | Dir-830L Firmware | - |
| Dlink | Dir-830L | - |
| Dlink | Dir-836L Firmware | - |
| Dlink | Dir-836L | - |
| Dlink | Dir-810L Firmware | - |
| Dlink | Dir-810L | - |
Related Weaknesses (CWE)
References
- https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_CommandExploitThird Party Advisory
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP1Vendor Advisory
- https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_CommandExploitThird Party Advisory
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP1Vendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-US Government Resource
FAQ
What is CVE-2021-45382?
CVE-2021-45382 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note...
How severe is CVE-2021-45382?
CVE-2021-45382 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-45382?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-820L Firmware, Dlink Dir-820L, Dlink Dir-820Lw Firmware, Dlink Dir-820Lw, Dlink Dir-826L Firmware.