CVE-2023-44420

🗓️ 03 May 2024 02:13:49Reported by zdiType

D-Link DIR-X3260 prog.cgi authentication bypass vulnerability. Incorrect implementation of authentication algorithm allows attackers to bypass authentication.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2023-44420	3 May 202403:15	–	attackerkb
BDU FSTEC	The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to bypass the authentication process and gain full access to the device.	6 Oct 202300:00	–	bdu_fstec
Circl	CVE-2023-44420	24 Jan 202621:32	–	circl
CNNVD	D-Link DIR-X3260 安全漏洞	3 May 202400:00	–	cnnvd
Cvelist	CVE-2023-44420 D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability	3 May 202402:13	–	cvelist
EUVD	EUVD-2023-48760	3 Oct 202520:07	–	euvd
NVD	CVE-2023-44420	3 May 202403:15	–	nvd
Positive Technologies	PT-2023-5698 · D Link · D-Link Dir-X3260	4 Oct 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-44420 D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability	3 May 202402:13	–	vulnrichment
Zero Day Initiative	(0Day) D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability	4 Oct 202300:00	–	zdi

NVD

Vulners

Vulnrichment

Node

dlink dir-x3260_firmwareRange<1.04b01

AND

dlink dir-x3260Match-

[
  {
    "vendor": "D-Link",
    "product": "DIR-X3260",
    "versions": [
      {
        "version": "1.02B02",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-1518/

13 May 2025 14:05Current

8.8High risk

Vulners AI Score8.8

CVSS 3.18.8

CVSS 38.8

EPSS0.00128

SSVC

CWE-303