CVE-2021-41441 Information

Description

A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. The authenticated victim need to visit this URL for the router to reboot.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H

Reference

https://www.dlink.com/en/security-bulletin/ https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283 http://dir-x1860.com http://d-link.com

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.4