CVE-2023-41603

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 10, 2024

Updated: Jan 12, 2024

Summary

CVE-2023-41603 is a vulnerability affecting D-Link R15 devices before version 1.08.02. The issue involves a lack of firewall restrictions for IPv6 traffic. This weakness exposes any services running on the device that unintentionally listen via IPv6, enabling attackers to access these services arbitrarily. This vulnerability poses a significant risk as IPv6 traffic often goes unfiltered in many networks, increasing the risk of unauthorized access and potential data breaches. Devices should be updated to the latest firmware to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sgJY6z
https://www.cve.org/CVERecord?id=CVE-2023-41603
https://nvd.nist.gov/vuln/detail/CVE-2023-41603

Back to Vulnerability Database

CVE-2023-41603

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations