Dir-2640-us Firmware@1.01b04 Security Vulnerabilities and Issues — Dir-2640-us Firmware@1.01b04 CVE List

Lucene search

DlinkDir-2640-us Firmware1.01b04

4 matches found

cve•added 2021/06/16 8:15 p.m.•57 views

CVE-2021-34204

D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users...

7.2CVSS6.7AI score0.00061EPSS

cve•added 2021/06/16 8:15 p.m.•56 views

CVE-2021-34203

D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify...

8.1CVSS8AI score0.00069EPSS

cve•added 2021/06/16 8:15 p.m.•50 views

CVE-2021-34201

D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes.

7.1CVSS7AI score0.00057EPSS

cve•added 2021/06/16 7:15 p.m.•48 views

CVE-2021-34202

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remo...

7.8CVSS8AI score0.00246EPSS