Buffer Overflow Vulnerability in D-Link AC2600 Router
CVE-2021-34201

7.1HIGH

Key Information:

Vendor
D-Link
Status
Dir-2640-us Firmware
Vendor
CVE Published:
16 June 2021

Summary

The D-Link AC2600 (DIR-2640) router contains multiple out-of-bounds vulnerabilities that can be exploited by local users. This allows them to overwrite global variables in the .bss section, potentially leading to process crashes or unexpected behavior. Such vulnerabilities can compromise the stability of the router, posing significant risks to the integrity of network communications.

References

http://d-link.com
x_refsource_MISC
https://www.dlink.com/en/security-bulletin/
x_refsource_MISC
http://dir-2640-us.com
x_refsource_MISC

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.