CVE-2021-46353

Published: Mar 4, 2022Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application.

Affected (1)

Products: Dlink: Dir X1860 Firmware

1 product

Dir X1860 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir X1860 Firmware	Up to 1.03

Running on/with	Platform Versions
Dlink Dir X1860	Version a1

Related CWEs

Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

References (4)

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283

Source: cve@mitre.org

PatchVendor Advisory

https://www.dlink.com/en/security-bulletin/

Source: cve@mitre.org

Vendor Advisory

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.dlink.com/en/security-bulletin/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.