CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-34202

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

http://d-link.com
http://dir-2640-us.com
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202
https://www.dlink.com/en/security-bulletin/
http://d-link.com
http://dir-2640-us.com
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202
https://www.dlink.com/en/security-bulletin/

Products affected by CVE-2021-34202

Dlink » Dir-2640-Us » Version: N/A

cpe:2.3:h:dlink:dir-2640-us:-
Dlink » Dir-2640-Us Firmware » Version: 1.01b04

cpe:2.3:o:dlink:dir-2640-us_firmware:1.01b04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34202

Products

Pricing

Contact Us