Vulnerability Details CVE-2023-44959
An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.608
EPSS Ranking 98.2%
CVSS Severity
CVSS v3 Score 8.8
References
- https://github.com/FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection/blob/master/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection.md#cve-2023-27216_d-link_dsl-3782_router_command_injection
- https://github.com/FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection/blob/master/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection.md#cve-2023-27216_d-link_dsl-3782_router_command_injection
Products affected by CVE-2023-44959
-
cpe:2.3:h:dlink:dsl-3782:-
-
cpe:2.3:o:dlink:dsl-3782_firmware:1.01
-
cpe:2.3:o:dlink:dsl-3782_firmware:1.03