12 matches found
The vulnerability in the web interface for managing D-Link DIR-2640-US microprogramming software allows a hacker to bypass security restrictions.
The vulnerability of the web interface for managing D-Link DIR-2640-US microprogramming software is related to deficiencies in the authentication process when processing the LoginPassword parameter. Exploiting this vulnerability allows a malicious actor to bypass security restrictions by sending ...
PT-2022-6582 · D Link · D-Link Dir-2640-Us
Name of the Vulnerable Software and Affected Versions: D-Link DIR-2640-US versions affected versions not specified Description: The issue is related to the implementation of the HNAP1 protocol in the D-Link DIR-2640-US router's firmware, specifically with the handling of the LocalIPAddress...
The vulnerability of the D-Link DIR-2640-US router’s microprogramming software lies in the insufficient protection of registration data, allowing attackers to elevate their privileges to the root level.
The vulnerability of the D-Link DIR-2640-US router’s microprogramming software is related to insufficient protection for registration data. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...
D-Link DIR-2640-US Incorrect Access Control Vulnerability
The D-Link DIR-2640-US is a network router device. A security vulnerability exists in the D-Link DIR-2640-US, which can be exploited by an attacker to use telnet login, modify routing information, monitor the traffic of all devices under the router, hijack DNS, and phishing attacks...
D-Link DIR-2640-US Account Password Plaintext Storage Vulnerability
The D-Link DIR-2640-US is a network router device. A security vulnerability exists in the D-Link DIR-2640-US, which can be exploited by an attacker to easily log in to the target router via a serial port and gain root privileges...
D-Link DIR-2640-US Buffer Overflow Vulnerability
The D-Link DIR-2640-US is a smart AC2600 high power Wi-Fi Gigabit router. A buffer overflow vulnerability exists in the D-Link DIR-2640-US version 1.01B04. An attacker can exploit this vulnerability by overriding a global variable in a .bss segment to cause a process crash or change...
Buffer overflow
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600DIR-2640. Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes...
Design/Logic Flaw
D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600DIR-2640 stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users...
CVE-2021-34201
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600DIR-2640. Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes...
CVE-2021-34203
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 dir-2640-us, when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify...
D-Link DIR-2640-US 安全漏洞
The D-Link DIR-2640-US is a network router device. A security vulnerability exists in the D-Link DIR-2640-US, which can be exploited by an attacker to use telnet login, modify routing information, monitor the traffic of all devices under the router, hijack DNS, and phishing attacks...
D-Link DIR-2640-US 安全漏洞
The D-Link DIR-2640-US is a network router device. A security vulnerability exists in the D-Link DIR-2640-US, which can be exploited by an attacker to easily log in to the target router via a serial port and gain root privileges...