CVE-2021-34202

Sažetak

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

Reference

https://www.dlink.com/en/security-bulletin/
http://d-link.com
http://dir-2640-us.com
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

23-06-2021 - 23:10

Objavljeno

16-06-2021 - 19:15