Lucene search

[email protected]CVE-2023-26822

HistoryApr 01, 2023 - 11:15 p.m.

CVE-2023-26822

2023-04-0123:15:07

CWE-77

[email protected]

web.nvd.nist.gov

cve-2023-26822

d-link

go-rt-ac750

command injection

vulnerability

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

80.8%

JSON

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main.

Affected configurations

NVD

Node

dlinkgo-rt-ac750Match-

AND

dlinkgo-rt-ac750_firmwareMatchreva_v101b03

CPENameOperatorVersion
dlink:go-rt-ac750_firmwaredlink go-rt-ac750 firmwareeqreva_v101b03

CPE	Name	Operator	Version
dlink:go-rt-ac750_firmware	dlink go-rt-ac750 firmware	eq	reva_v101b03

References

github.com/yzskyt/Vuln/blob/main/Go-RT-AC750/Go-RT-AC750.md

www.dlink.com/en/security-bulletin/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

80.8%

JSON

Related for CVE-2023-26822

nvd1 prion1 cvelist1