← Back

Dsl 2640b Firmware

dsl-2640b_firmware

Vendor: Dlink • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-9279
1Dlink
1Dsl 2640b Firmware
Nov 21, 2024
Apr 20, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the dev...Show more
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the device.Show less
CVE-2020-9278
1Dlink
1Dsl 2640b Firmware
Nov 21, 2024
Apr 20, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.
CVE-2020-9277
1Dlink
1Dsl 2640b Firmware
Nov 21, 2024
Apr 20, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authen...Show more
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication.Show less
CVE-2020-9276
1Dlink
1Dsl 2640b Firmware
Nov 21, 2024
Apr 20, 2020
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which processes cgi requests supplied to the device's web servers, is vulnerable to a remotely exploitable stack-based buffer overfl...Show more
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which processes cgi requests supplied to the device's web servers, is vulnerable to a remotely exploitable stack-based buffer overflow. Unauthenticated exploitation is possible by combining this vulnerability with CVE-2020-9277.Show less
CVE-2020-9275
1Dlink
1Dsl 2640b Firmware
Nov 21, 2024
Apr 20, 2020
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials.
CVE-2012-1308
1Dlink
2Dsl 2640b
Dsl 2640b Firmware
Apr 29, 2026
Oct 8, 2012
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the administrator passwo...Show more
Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.Show less