CVE-2021-46381

HIGH EXPLOITED NUCLEI

D-Link DAP-1620 - Path Traversal

Title source: llm

Description

Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].

Exploits (2)

exploitdb WORKING POC
by Momen Eldawakhly · textremotehardware
https://www.exploit-db.com/exploits/50919
nomisec WORKING POC
by JCPpeiqi · remote
https://github.com/JCPpeiqi/-cve-2021-46381

Nuclei Templates (1)

D-Link DAP-1620 - Local File Inclusion
HIGHby 0x_Akoko

References (3)

Scores

CVSS v3 7.5
EPSS 0.9050
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2024-01-22
CWE
CWE-22
Status published
Products (1)
dlink/dap-1620_firmware
Published Mar 04, 2022
Tracked Since Feb 18, 2026