There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.
References
Link | Resource |
---|---|
http://d-link.com | Vendor Advisory |
http://dir-2640-us.com | Broken Link URL Repurposed |
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202 | Exploit Third Party Advisory |
https://www.dlink.com/en/security-bulletin/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-16T18:56:06
Updated: 2021-06-16T18:56:06
Reserved: 2021-06-07T00:00:00
Link: CVE-2021-34202
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-16T19:15:39.263
Modified: 2024-02-14T01:17:43.863
Link: CVE-2021-34202
JSON object: View
Redhat Information
No data.
CWE