CVE-2021-42784

CVE-2021-42784: OS Command Injection in debug_fcgi in D-Link DWR-932C E1 Firmware 1.0.0.4

Vendor D-Link

Product DWR-932C E1

Weakness CWE-78

Published November 23, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 firmware allows a remote attacker to perform command injection via a crafted HTTP request.

Key dates

02Disclosure timeline

November 23, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-42784

Related vulnerabilities

04Related CVE

CVE-2026-45578 WWBN AVideo Live: OS command injection in on_publish.php execAsync via unescaped m3u8 URL CVE-2026-41179 RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution CVE-2020-15425 CVE-2025-57799 StreamVault can perform remote command execution CVE-2021-32751 Arbitrary code execution via specially crafted environment variables