CVE-2021-46231

Name of the Vulnerable Software and Affected Versions D-Link DI-7200G V2.E1 version 21.04.09E1

Description The issue is related to insufficient input validation in the urlrd opt.asp file of the D-Link DI-7200G V2.E1 router's firmware, specifically with the url en parameter. This allows a remote attacker to execute arbitrary commands.

Recommendations For D-Link DI-7200G V2.E1 version 21.04.09E1, as a temporary workaround, consider restricting access to the urlrd opt.asp function until a patch is available. Avoid using the url en parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.