CVE-2021-41504

Name: CVE-2021-41504
Creator: NVD / NIST
Published: 2021-09-24T20:15:07.437+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8/10EPSS 0.48%

Last modified Jun 17, 2026

CVE-2021-41504 is a high-severity vulnerability rated 8/10 on the CVSS scale. An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. EPSS estimates a 0.48% chance of exploitation in the next 30 days.

Description

An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Metrics

CVSS 3.1

8/10

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.48%

37.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Dlink	Dcs-932l Firmware	<= 2.17
Dlink	Dcs-5000l Firmware	1.05

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10247Vendor Advisory
https://www.dlink.com/en/security-bulletin/Vendor Advisory
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10247Vendor Advisory
https://www.dlink.com/en/security-bulletin/Vendor Advisory

Timeline

Published: Sep 24, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-41504?

How severe is CVE-2021-41504?

CVE-2021-41504 has a CVSS score of 8/10 (HIGH severity). The EPSS model estimates a 0.48% probability of exploitation in the next 30 days.

How do I fix CVE-2021-41504?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-41504?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST