CVE-2021-45382
In short
D-Link routers have a critical flaw in their DDNS feature that allows attackers to run malicious commands remotely without authentication. Since these router models are no longer supported, the vulnerability will never be fixed.
Technical detail
CWE-78 command injection exists in the ncc2 binary's DDNS function across multiple D-Link router models, enabling unauthenticated remote code execution via unsanitized input. The affected hardware revisions have reached end-of-life status and will not receive patches.
Summary generated and translated by AI from the official description.
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL")/End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a