CVE-2021-34202

Published: Jun 16, 2021Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

Affected (1)

Products: Dlink: Dir 2640 Us Firmware

1 product

Dir 2640 Us Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 2640 Us Firmware	Version 1.01b04

Running on/with	Platform Versions
Dlink Dir 2640 Us	All versions

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (8)

http://d-link.com

Source: cve@mitre.org

Vendor Advisory

http://dir-2640-us.com

Source: cve@mitre.org

Broken LinkURL Repurposed

https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.dlink.com/en/security-bulletin/

Source: cve@mitre.org

Vendor Advisory

http://d-link.com

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://dir-2640-us.com

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkURL Repurposed

https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.dlink.com/en/security-bulletin/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.