CVE-2021-28839

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_certificate function of sbin/httpd binary. When the binary handle the specific HTTP GET request, the strrchr in the upload_certificate function would take NULL as first argument, and incur the NULL pointer dereference vulnerability.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dap-2310_firmware:2.0.7.rc031:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2310:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dlink:dap-2330_firmware:1.07.rc028:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2330:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dlink:dap-2360_firmware:2.07.rc043:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2360:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dlink:dap-2553_firmware:3.06.rc027:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2553:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dlink:dap-2660_firmware:1.13.rc074:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dlink:dap-2690_firmware:3.16.rc100:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2690:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dlink:dap-2695_firmware:1.17.rc063:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-2695:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dlink:dap-3320_firmware:1.01.rc014:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-3320:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dlink:dap-3662_firmware:1.01.rc022:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-3662:-:*:*:*:*:*:*:*

Information

Published : 2021-08-10 11:15

Updated : 2021-08-17 07:59


NVD link : CVE-2021-28839

Mitre link : CVE-2021-28839


JSON object : View

CWE
CWE-476

NULL Pointer Dereference

Advertisement

dedicated server usa

Products Affected

dlink

  • dap-2553
  • dap-3320_firmware
  • dap-2310_firmware
  • dap-2690_firmware
  • dap-3662_firmware
  • dap-2690
  • dap-2660_firmware
  • dap-2695_firmware
  • dap-3320
  • dap-3662
  • dap-2660
  • dap-2330_firmware
  • dap-2360
  • dap-2360_firmware
  • dap-2553_firmware
  • dap-2330
  • dap-2310
  • dap-2695