Null Pointer Dereference vulnerability in D-Link DIR-825 2.10b02, which could let a remote malicious user cause a denial of service. The vulnerability could be triggered by sending an HTTP request with URL /vct_wan; the sbin/httpd would invoke the strchr function and take NULL as a first argument, which finally leads to the segmentation fault. NOTE: The DIR-825 and all hardware revisions is considered End of Life and as such this issue will not be patched
References
Link | Resource |
---|---|
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10212 | Vendor Advisory |
https://www.dlink.com/en/security-bulletin/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-10T19:52:06
Updated: 2024-06-04T17:15:28.480Z
Reserved: 2021-03-29T00:00:00
Link: CVE-2021-29296
JSON object: View
NVD Information
Status : Modified
Published: 2021-08-10T20:15:08.530
Modified: 2024-06-04T19:17:04.097
Link: CVE-2021-29296
JSON object: View
Redhat Information
No data.
CWE