Dwr 932C E1 Firmware
CVE-2021-42783
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions.
AnalysisAI
Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified as Missing Authentication for Critical Function (CWE-306), which allows attackers to access critical functionality without authentication. Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions. Affected products include: Dlink Dwr-932C E1 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Require authentication for all sensitive operations, implement defense in depth.
More in Dwr 932C E1 Firmware
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today