Dlink Covr-2600R Firmware vulnerabilities
2 known vulnerabilities affecting dlink/covr-2600r_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-20432P2CRITICALCVSS 9.8≤ 1.01b052020-09-14
CVE-2018-20432 [CRITICAL] CWE-798 CVE-2018-20432: D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connec
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.
nvd
CVE-2024-44674P4MEDIUMCVSS 5.7v1.01b052024-10-07
CVE-2024-44674 [MEDIUM] CWE-121 CVE-2024-44674: D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REF
D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src.
nvd