CyberSec.Space Logo
Back to CVE Browser

CVE-2021-40655

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score42.3260%
EPSS Percentile93.09th
PublishedSep 24, 2021
Last ModifiedNov 10, 2025

Vulnerability Description

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page

Affected Platforms (CPE)

πŸ’»
Dlink

Dir 605l Firmware

= 2.01mt

References & Advisories

πŸ”— https://github.com/Ilovewomen/D-LINK-DIR-605/
πŸ”— https://www.dlink.com/en/security-bulletin/
πŸ”— https://github.com/Ilovewomen/D-LINK-DIR-605/
πŸ”— https://www.dlink.com/en/security-bulletin/
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-40655

Related Vulnerabilities

CVE-2012-100219.8

A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 v...

CVE-2020-193188.8

Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized atta...

CVE-2017-96757.5

On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...