Vulnerabilities > CVE-2021-27342 - Information Exposure Through Discrepancy vulnerability in Dlink Dir-842E Firmware 3.0.2

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
high complexity
dlink
CWE-203
NVD
Published: 2021-05-17
Updated: 2021-05-24

Summary

An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack

Vulnerable Configurations

Part Description Count
OS
Dlink
2
Hardware
Dlink
1

Common Weakness Enumeration (CWE)

References