CVE-2021-34201 — HIGH (7.1)

Vulnerability Description

D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dlink	Dir-2640-Us Firmware	1.01b04
Dlink	Dir-2640-Us	-

Related Weaknesses (CWE)

CWE-787

References

http://d-link.comProduct
http://dir-2640-us.comProductURL Repurposed
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34201ExploitThird Party Advisory
https://www.dlink.com/en/security-bulletin/Vendor Advisory
http://d-link.comProduct
http://dir-2640-us.comProductURL Repurposed
https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34201ExploitThird Party Advisory
https://www.dlink.com/en/security-bulletin/Vendor Advisory

FAQ

What is CVE-2021-34201?

CVE-2021-34201 is a vulnerability with a CVSS score of 7.1 (HIGH). D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the globa...

How severe is CVE-2021-34201?

CVE-2021-34201 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-34201?

Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-2640-Us Firmware, Dlink Dir-2640-Us.