Vulnerabilities > CVE-2021-3707 - Unspecified vulnerability in Dlink Dsl-2750U Firmware 1.11
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 | |
| Hardware | 1 |
References
- https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20%28firmware%20version%201.6%29/README.md
- https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20%28firmware%20version%201.6%29/README.md
- https://jvn.jp/en/vu/JVNVU92088210/
- https://jvn.jp/en/vu/JVNVU92088210/
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10230
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10230