CVE-2021-34202

CWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGH
EPSS
0.3%
top 43.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dir-2640-us Firmware
Timeline
PublishedJun 16
Latest updateMay 24

Description

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rm56-645j-pf84: There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 12022-05-24
CVEList
CVE-2021-34202: There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 12021-06-16
CVE-2021-34202 (HIGH CVSS 7.8) | There are multiple out-of-bounds vu | cvebase.io