Dlink: >> Covr-2600r Firmware >> 1.01b05 Security Vulnerabilities
D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src.
CVSS Score
5.7
EPSS Score
0.001
Published
2024-10-07
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.
CVSS Score
9.8
EPSS Score
0.165
Published
2020-09-14