First published: Tue Oct 10 2023(Updated: )
An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dsl-3782 Firmware | <=1.03 | |
Dlink Dsl-3782 | ||
All of | ||
Dlink Dsl-3782 Firmware | <=1.03 | |
Dlink Dsl-3782 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-44959.
The severity of CVE-2023-44959 is high with a CVSS score of 8.8.
CVE-2023-44959 allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page in D-Link DSL-3782 firmware version 1.03 and earlier.
Yes, D-Link DSL-3782 firmware version 1.03 and earlier is vulnerable to CVE-2023-44959.
At the time of this writing, there is no known fix or patch available for CVE-2023-44959. It is recommended to update to a firmware version that addresses this vulnerability, if provided by the vendor, once available.