Dsl-2640b Firmware Security Vulnerabilities and Issues — Dsl-2640b Firmware CVE List

Lucene search

DlinkDsl-2640b Firmware

5 matches found

CVE•added 2020/04/20 11:15 p.m.•50 views

CVE-2020-9279

An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the device.

10CVSS9.4AI score0.02222EPSS

CVE•added 2020/04/20 11:15 p.m.•35 views

CVE-2020-9275

An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials.

9.8CVSS9.4AI score0.00756EPSS

CVE•added 2020/04/20 11:15 p.m.•34 views

CVE-2020-9277

An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication.

9.8CVSS8.6AI score0.00661EPSS

CVE•added 2020/04/20 11:15 p.m.•29 views

CVE-2020-9278

An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.

9.1CVSS9.1AI score0.00638EPSS

CVE•added 2020/04/20 11:15 p.m.•25 views

CVE-2020-9276

An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which processes cgi requests supplied to the device's web servers, is vulnerable to a remotely exploitable stack-based buffer overflow. Unauthenticated exploitation is possible by combining this vulnerability wi...

9CVSS9.2AI score0.00838EPSS