CVE-2021-42627
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-42627
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
D-Link DIR-615 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
D-Link DIR-615是中国台湾友讯(D-Link)公司的一款无线路由器。 D-Link DIR-615 20.06固件版本存在安全漏洞,该漏洞源于WAN 配置页面无需身份验证即可直接访问,这可能导致泄露有关 WAN 设置的信息,攻击者利用该漏洞可以修改页面的数据字段。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2021-42627
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-42627.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-42627
请登录查看更多情报信息。
- http://dlink.comx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-42627
Same Patch Batch · n/a · 2022-08-23 · 54 CVEs total
| CVE-2022-24381 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-25888 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-25761 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-24298 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-21208 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-25231 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-25304 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-25302 | 7.5 HIGH | Denial of Service (DoS) |
| CVE-2022-37428 | 6.5 MEDIUM | PowerDNS Recursor 安全漏洞 |
| CVE-2021-3839 | DPDK 缓冲区错误漏洞 | |
| CVE-2021-3690 | Red Hat JBoss Enterprise Application Platform资源管理错误漏洞 | |
| CVE-2022-35115 | IceWarp WebClient SQL注入漏洞 | |
| CVE-2020-35509 | Red Hat Keycloak 信任管理问题漏洞 | |
| CVE-2021-3827 | Red Hat Keycloak 授权问题漏洞 | |
| CVE-2021-3798 | openCryptoki 安全漏洞 | |
| CVE-2022-37111 | BlueCMS SQL注入漏洞 | |
| CVE-2022-37112 | BlueCMS SQL注入漏洞 | |
| CVE-2022-37113 | BlueCMS SQL注入漏洞 | |
| CVE-2022-37223 | jfinal cms SQL注入漏洞 | |
| CVE-2022-37199 | jfinal cms SQL注入漏洞 |
Showing top 20 of 54 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2021-42627
No comments yet