CVE-2021-41442

Published: Feb 9, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.

Affected (1)

Products: Dlink: Dir X1860 Firmware

Dlink

1 product

Dir X1860 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir X1860 Firmware	Up to 1.03

Running on/with	Platform Versions
Dlink Dir X1860	All versions

Related CWEs

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

References (8)

http://d-link.com

Source: cve@mitre.org

Broken Link

http://dir-x1860.com

Source: cve@mitre.org

Broken LinkURL Repurposed

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283

Source: cve@mitre.org

Vendor Advisory

https://www.dlink.com/en/security-bulletin/

Source: cve@mitre.org

Vendor Advisory

http://d-link.com

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://dir-x1860.com

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkURL Repurposed

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.dlink.com/en/security-bulletin/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.