Null Pointer Dereference Vulnerability in D-Link DSP-W215
CVE-2021-29295

7.5HIGH

Key Information:

Vendor
D-Link
Status
Dsp-w215 Firmware
Vendor
CVE Published:
10 August 2021

Summary

A null pointer dereference vulnerability exists in the D-Link DSP-W215 version 1.10, allowing a remote attacker to potentially trigger a denial of service by sending an HTTP request that omits the URL in its start line directly to the device. Due to its end-of-life status, the DSP-W215 and all hardware revisions will not receive any patches or fixes for this issue, exposing users to potential risks.

References

https://www.dlink.com/en/security-bulletin/
x_refsource_MISC
https://supportannouncement.us.dlink.com/announcement/pub...
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.