Code Execution Flaw in D-Link DAP-1330 Routers
CVE-2021-34827
8.8HIGH
What is CVE-2021-34827?
A vulnerability in D-Link DAP-1330 routers allows network-adjacent attackers to execute arbitrary code without authentication. The flaw arises from inadequate validation of user-supplied data in the SOAPAction HTTP header, enabling attackers to inject excessive data into a fixed-length buffer. This vulnerability potentially allows full control over the device, posing significant risks to network integrity.
Affected Version(s)
DAP-1330 1.13B01 BETA