CVE-2023-39674
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-39674 is a recently disclosed vulnerability affecting the D-Link DIR-880 A1_FW107WWb08 router firmware. The issue stems from the use of the function fgets in an insecure manner, leading to a buffer overflow. An attacker can potentially exploit this vulnerability by crafting specially malformed input data, resulting in unintended code execution or system crashes. Successful exploitation could allow an attacker to gain unauthorized access to the affected router or install malware, posing a threat to network security. Users are strongly advised to update their router firmware to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- D LINK SYSTEMS INC