CVE-2023-43238

CVSS 3.1 Score 9.8 of 10 (high)

Attack Complexity low
Confidentiality high
Integrity high
Availability high
Scope unchanged
Privileges Required none

Details

Published Sep 21, 2023
Updated: Sep 22, 2023
CWE ID 787

Summary

CVE-2023-43238 refers to a stack overflow vulnerability affecting D-Link DIR-816 A2 v1.10CNB05 routers. The issue arises due to an incorrect input validation check in the 'form2Dhcpip.cgi' file. Maliciously crafted input in the 'nvmacaddr' parameter can cause a stack overflow, potentially leading to unauthorized access or denial of service. This vulnerability can be exploited remotely, posing a significant risk to affected devices. Users are advised to apply the latest firmware updates to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share