CVE-2023-48842

9.8CRITICAL

Key Information

Vendor: D-Link
Status: Go-rt-ac750 Firmware
Vendor: CVE Published:; 1 December 2023

Badges

👾 Exploit Exists🔴 Public PoC

Summary

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-48842
Created by creacitysec

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Dec 3, 2023
Vulnerability published.
Dec 1, 2023
Vulnerability Reserved.
Nov 20, 2023

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)