CVE-2023-43238
CVSS 3.1 Score 9.8 of 10 (high)
Attack Complexity low
Confidentiality high
Integrity high
Availability high
Scope unchanged
Privileges Required none
Details
Published Sep 21, 2023
Updated: Sep 22, 2023
CWE ID 787
Summary
CVE-2023-43238 refers to a stack overflow vulnerability affecting D-Link DIR-816 A2 v1.10CNB05 routers. The issue arises due to an incorrect input validation check in the 'form2Dhcpip.cgi' file. Maliciously crafted input in the 'nvmacaddr' parameter can cause a stack overflow, potentially leading to unauthorized access or denial of service. This vulnerability can be exploited remotely, posing a significant risk to affected devices. Users are advised to apply the latest firmware updates to mitigate this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- D LINK SYSTEMS INC