Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2021-34202

Published: 16/06/2021 Updated: 14/02/2024
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Dlink

Vulnerability Summary

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dlink dir-2640-us_firmware 1.01b04

Github Repositories

https://github.com/liyansong2018/firmware-analysis-plus

Simulate firmware with one click of firmadyne (使用 firmadyne 一键模拟固件)

Firmware Analysis Plus (Fap) 👉 English 上游项目支持:binwalk、firmadyne、firmware-analysis-toolkit firmware-analysis-plus(Fap)主要用于常见路由器固件的仿真,可以进行固件的安全测试。感谢以下开源项目:binwalk 提供优秀的固件提取 API,firmadyne 提供优秀的固件仿真核心支持,firmware-analysis-toolkit 提

References

CWE-787https://www.dlink.com/en/security-bulletin/http://d-link.comhttp://dir-2640-us.comhttps://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202https://nvd.nist.govhttps://github.com/liyansong2018/firmware-analysis-plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook