Lucene search

[email protected]NVD:CVE-2023-41603

HistoryJan 10, 2024 - 8:15 a.m.

CVE-2023-41603

2024-01-1008:15:37

[email protected]

web.nvd.nist.gov

d-link

r15

firewall

vulnerability

ipv6

traffic

attackers

services

device

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

33.6%

JSON

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.

Affected configurations

Nvd

Node

dlinkr15_firmwareRange≤1.08.02

AND

dlinkr15Match-

VendorProductVersionCPE
dlinkr15_firmware*cpe:2.3:o:dlink:r15_firmware:*:*:*:*:*:*:*:*
dlinkr15-cpe:2.3:h:dlink:r15:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dlink	r15_firmware	*	cpe:2.3:o:dlink:r15_firmware::::::::
dlink	r15	-	cpe:2.3:h:dlink:r15:-:::::::*

References

supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

33.6%

JSON

Related for NVD:CVE-2023-41603

cve1 cvelist1 prion1 cnvd1