Arbitrary Command Execution Vulnerability in D-Link DIR-842V2 Router
CVE-2023-33781

8.8HIGH

Key Information:

Vendor: D-Link
Status: Dir-842v2 Firmware
Vendor: CVE Published:; 7 June 2023

Badges

👾 Exploit Exists

Summary

A vulnerability in the D-Link DIR-842V2 router version 1.0.3 permits attackers to execute arbitrary commands on the device through the importation of maliciously crafted files. This security flaw can potentially lead to unauthorized access and compromise the integrity of the network.

References

http://d-link.com

https://www.dlink.com/en/security-bulletin/

http://dir-842v2.com

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 7, 2023
🟡
Public PoC available
Jun 3, 2023
👾
Exploit known to exist
Jun 3, 2023
Vulnerability Reserved
May 22, 2023