Command Injection Vulnerability in D-Link DWL-6610 Device
CVE-2023-43206
9.8CRITICAL
What is CVE-2023-43206?
A command injection vulnerability exists in the D-Link DWL-6610 device, specifically in the web_cert_download_handler function. This flaw allows an attacker to execute arbitrary commands by manipulating the certDownload parameter. If exploited, this vulnerability could lead to unauthorized access and control over the affected device, posing significant risks to network integrity and confidentiality.