• October 12, 2024, 12:09:18 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DIR-3040 - Multiple Vulnerabilities  (Read 5986 times)

GreenBay42

  • Administrator
  • Level 11 Member
  • *
  • Posts: 2752
DIR-3040 - Multiple Vulnerabilities
« on: July 13, 2021, 09:30:23 AM »


For updated information and firmware patch, visit https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10228



Overview

On April 28, 2021, Cisco Talos security research submitted a report accusing the DIR-3040 using firmware v1.13B03 of multiple vulnerabilites. The Vulnerabilities was confirmed and a patch was issued too close the reported issues.

3rd Party Report information

- vulndiscovery _at_ external _dot_ cisco _dot_ com

TALOS-2021-1281 CVE-2021-21816 - Syslog information disclosure vulnerability
TALOS-2021-1282 CVE-2021-21817 - Zebra IP Routing Manager information disclosure vulnerability
TALOS-2021-1283 CVE-2021-21818 - Zebra IP Routing Manager hard-coded password vulnerability
TALOS-2021-1284 CVE-2021-21819 - Libcli command injection vulnerability
TALOS-2021-1285 CVE-2021-21820 - Libcli Test Environment hard-coded password vulnerability

Logged