CVE-2023-45575
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-45575 is a critical stack overflow vulnerability affecting multiple D-Link devices: DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before. The vulnerability is situated within the ip_position.asp function and arises due to inadequate input validation of the ip parameter. A remote attacker can effectively exploit this flaw to execute arbitrary code remotely. Users of the affected devices are advised to update their firmware as soon as patches become available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- D LINK SYSTEMS INC