CVE-2023-43206: Command Injection
First published: Wed Sep 20 2023(Updated: )
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function web_cert_download_handler. This vulnerability allows attackers to execute arbitrary commands via the certDownload parameter.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dwl-6610ap Firmware | =4.3.0.8b003c | |
| Dlink Dwl-6610ap | ||
| All of | ||
| Dlink Dwl-6610ap Firmware | =4.3.0.8b003c | |
| Dlink Dwl-6610ap |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-43206.
What is the severity level of CVE-2023-43206?
The severity level of CVE-2023-43206 is critical, with a severity value of 9.8.
What software is affected by CVE-2023-43206?
The affected software is D-LINK DWL-6610 FW_v_4.3.0.8B003C.
What is the vulnerability in D-LINK DWL-6610 FW_v_4.3.0.8B003C?
The vulnerability in D-LINK DWL-6610 FW_v_4.3.0.8B003C is a command injection vulnerability in the function web_cert_download_handler.
How can attackers exploit CVE-2023-43206?
Attackers can exploit CVE-2023-43206 by executing arbitrary commands via the certDownload parameter.
- collector/nvd-index
- agent/type
- agent/author
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/dlink
- canonical/dlink dwl-6610ap firmware
- version/dlink dwl-6610ap firmware/4.3.0.8b003c
- canonical/dlink dwl-6610ap