CVE-2021-46353

An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
dlinkdir-x1860_firmware
𝑥
≤ 1.03
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283
https://www.dlink.com/en/security-bulletin/
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283
https://www.dlink.com/en/security-bulletin/