CVE-2021-34202

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: D-Link AC2600(DIR-2640) version 1.01B04

Description: The issue involves multiple out-of-bounds vulnerabilities in certain processes. These vulnerabilities can elevate ordinary permissions to administrator permissions, leading to local arbitrary code execution. An attacker may combine these vulnerabilities with others to achieve remote code execution.

Recommendations: For D-Link AC2600(DIR-2640) version 1.01B04, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2021-34202

Affected Products

D-Link Ac2600

CVE-2021-34202

Weakness Enumeration

Related Identifiers

Affected Products

References · 7