CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-20132

HIGH
8.8
CVSS Severity Score
EPSS Score0.0500%
EPSS Percentile44.13th
Published2021年12月30日
Last Modified2024年11月21日

Vulnerability Description

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router (i.e., as the "admin" user, UID 0).

Affected Platforms (CPE)

💻
Dlink

Dir 2640 Us Firmware

<= 1.11b02

References & Advisories

🔗 https://www.tenable.com/security/research/tra-2021-44
🔗 https://www.tenable.com/security/research/tra-2021-44

相关漏洞威胁

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...