Published: 17/02/2022 Updated: 08/08/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 891

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dlink dir-820l_firmware -
dlink dir-820lw_firmware -
dlink dir-826l_firmware -
dlink dir-830l_firmware -
dlink dir-836l_firmware -
dlink dir-810l_firmware -

Google Play pulls sneaky data-harvesting apps with 46m+ downloads

The Register • Jessica Lyons Hardcastle • 01 Jan 1970

Get our weekly newsletter Plus: Fox News learns to use database passwords, Autodesk patches high-severity bugs, and CISA says retire old D-Link routers

In brief Google pulled a slew of Android apps with more than 46 million downloads from its Google Play Store after security researchers notified the cloud giant that the code contained some sneaky data-harvesting code. Apps included a speed camera radar, several Muslim prayer apps, a QR scanner, a WiFi mouse tool, a weather app and others. A Panama-based company Measurement Systems developed the code, according to AppCensus co-founder Joel Reardon, whose mobile app testing firm discovered ...

CVE-2021-45382

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect