Buffer Overflow Vulnerability in D-Link DIR-823G Firmware
CVE-2023-26612

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-823g Firmware
Vendor: CVE Published:; 29 June 2023

What is CVE-2023-26612?

The D-Link DIR-823G firmware version 1.02B05 contains a buffer overflow vulnerability related to the HostName field in SetParentsControlInfo. This flaw could be exploited by an attacker to execute arbitrary code on the affected device, potentially leading to unauthorized access or disruption of service. Users are advised to apply any available updates and review their security configurations to mitigate this risk.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/726232111/VulIoT/tree/main/D-Link/DIR8...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2023
Vulnerability Reserved
Feb 27, 2023