Lucene search

[email protected]CVE-2023-45572

HistoryOct 16, 2023 - 6:15 a.m.

CVE-2023-45572

2023-10-1606:15:12

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-45572

buffer overflow

d-link

di-7003gv2.d1

di-7100g+v2.d1

di-7100gv2.d1

di-7200g+v2.d1

di-7200gv2.e1

di-7300g+v2.d1

di-7400g+v2.d1

security vulnerability

code execution

remote attack

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.

Affected configurations

NVD

Node

dlinkdi-7003gMatchv2.d1

AND

dlinkdi-7003g_firmwareRange≤23.08.25d1

Node

dlinkdi-7100g\+Matchv2.d1

AND

dlinkdi-7100g\+_firmwareRange≤23.08.23d1

Node

dlinkdi-7100gMatchv2.d1

AND

dlinkdi-7100g_firmwareRange≤23.08.23d1

Node

dlinkdi-7200g\+Matchv2.d1

AND

dlinkdi-7200g\+_firmwareRange≤23.08.23d1

Node

dlinkdi-7200gMatchv2.e1

AND

dlinkdi-7200g_firmwareRange≤23.08.23e1

Node

dlinkdi-7300g\+Matchv2.d1

AND

dlinkdi-7300g\+_firmwareRange≤23.08.23d1

Node

dlinkdi-7400g\+Matchv2.d1

AND

dlinkdi-7400g\+_firmwareRange≤23.08.23d1

CPENameOperatorVersion
dlink:di-7003g_firmwaredlink di-7003g firmwarele23.08.25d1

CPE	Name	Operator	Version
dlink:di-7003g_firmware	dlink di-7003g firmware	le	23.08.25d1

References

github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

Related for CVE-2023-45572

cvelist1 prion1 nvd1