【Vulnerability Alert】 D-Link DIR-600 Router High-Risk Vulnerability (CVE-2021-40655)

【Vulnerability Alert】 D-Link DIR-600 Router High-Risk Vulnerability (CVE-2021-40655) - Immediate Patch Required

publish date : 2024-05-23 update date : 2024-05-23

Source: Ministry of education information & communication security contingency platform


Publication Number	TACERT-ANA-2024052201050707	Publication Time	2024/05/22 13:48
Incident Type	ANA-Vulnerability Alert	Discovery Time	2024/05/22 13:48
Impact Level	Medium
[Subject] 【Vulnerability Alert】 D-Link DIR-600 Router High-Risk Vulnerability (CVE-2021-40655) - Immediate Patch Required
[Content] Forwarded from the National Institute of Cyber Security NISAC-200-202405-00000171 Researchers have discovered a Sensitive Information Disclosure vulnerability (CVE-2021-40655) in the D-Link DIR-600 router. Remote attackers without authentication can exploit this vulnerability by sending forged POST requests to obtain user accounts and passwords. This vulnerability has been exploited by hackers. Please verify and take appropriate action immediately. Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform] ● D-Link dir-605 B2 2.01MT
[Recommended Actions] The affected product is no longer supported by the manufacturer. It is recommended to replace the device.
[Reference] 1. https://nvd.nist.gov/vuln/detail/CVE-2021-40655 2. https://www.cvedetails.com/cve/CVE-2021-40655 3. https://github.com/Ilovewomen/D-LINK-DIR-605

(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw

Organizer: Computer Center

Click Num:

Share