CVE-2021-28143

CVE-2021-28143

EPSS 32.0%

/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools).

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/vitorespf/Advisories/blob/master/DLINK-DIR-841-command-injection.txt https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10207