D-Link DAP-1620 - Local File Inclusion Vulnerability CVE-2021-46381 Scanner

Details

Stay Up To Date

Follow @secforeveryone

Asset Type

DOMAIN,IPV4,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

D-Link DAP-1620 - Local File Inclusion Vulnerability CVE-2021-46381 Scanner Detail

There is a local file inclusion vulnerability in D-Link DAP-1620, which allow remote attackers to read arbitrary files.

Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].

Some Advice for Common Problems

You need to apply related fixes.
Sanitize all parameters received as input from the user.
Do not blacklist filenames. Use a whitelist of files and ignore every other filename and path.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service