Vulnerabilities > CVE-2021-34202 - Out-of-bounds Write vulnerability in Dlink Dir-2640-Us Firmware 1.01B04

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dlink

CWE-787

NVD

Published: 2021-06-16

Updated: 2024-02-14

Summary

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

Vulnerable Configurations

Part	Description	Count
OS	Dlink Dlink DIR 2640 US Firmware 1.01B04	1
Hardware	Dlink Dlink DIR 2640 US -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.dlink.com/en/security-bulletin/
http://d-link.com
http://dir-2640-us.com
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202