Multiple Out-of-Bounds Vulnerabilities in D-Link AC2600(DIR-2640) 1.01B04: Local Arbitrary Code Execution and Remote Code Execution

Multiple Out-of-Bounds Vulnerabilities in D-Link AC2600(DIR-2640) 1.01B04: Local Arbitrary Code Execution and Remote Code Execution

CVE-2021-34202 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution.

Learn more about our Web Application Penetration Testing UK.