CVE-2023-39750

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 21, 2023
Updated: Aug 24, 2023
CWE ID 120

Summary

CVE-2023-39750 is a newly discovered buffer overflow vulnerability affecting D-Link DAP-2660 v1.13 devices. The issue resides in the processing of the f_ipv6_enable parameter within the /bsc_ipv6 file. A maliciously crafted POST request can trigger the buffer overflow, potentially leading to arbitrary code execution and unauthorized access to the system. This vulnerability poses a significant risk to network security and requires immediate attention from D-Link and affected users.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share