CVEブラウザに戻る

CVE-2021-20697

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0070%

EPSS Percentile5.47th

Published2021年4月26日

Last Modified2024年11月21日

Vulnerability Description

Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors.

Affected Platforms (CPE)

💻

Dlink

Dap 1880ac Firmware

<= 1.21

References & Advisories

🔗 https://jvn.jp/en/vu/JVNVU92898656/index.html

🔗 https://www.dlink-jp.com/support/release/jvnvu92898656_dap-1880ac.html

🔗 https://jvn.jp/en/vu/JVNVU92898656/index.html

🔗 https://www.dlink-jp.com/support/release/jvnvu92898656_dap-1880ac.html

関連する脆弱性情報

CVE-2021-206948.8

Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to by...

CVE-2021-206958.8

Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote...

CVE-2021-206968.8

DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a ...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...