CVE-2021-40655
| CVE Published | 2021-09-24 |
|---|---|
| Related CWE(s) | CWE-863: Incorrect Authorization |
| Related Vendor(s) | dlink |
| Related Product(s) | dir-605l_firmware |
| Exploitation Reported (CISA KEV) | 2024-05-16 |
| CVSS 3 Base Score | 7.5 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph