CVE-2023-39674

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 18, 2023
Updated: Aug 25, 2023
CWE ID 120

Summary

CVE-2023-39674 is a recently disclosed vulnerability affecting the D-Link DIR-880 A1_FW107WWb08 router firmware. The issue stems from the use of the function fgets in an insecure manner, leading to a buffer overflow. An attacker can potentially exploit this vulnerability by crafting specially malformed input data, resulting in unintended code execution or system crashes. Successful exploitation could allow an attacker to gain unauthorized access to the affected router or install malware, posing a threat to network security. Users are strongly advised to update their router firmware to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share