D-Link DAR-7000/DAR-8000 updatelib.php unrestricted upload
CVE-2023-5146
8.8HIGH
What is CVE-2023-5146?
A vulnerability has been identified in certain D-Link router models, specifically DAR-7000 and DAR-8000, where an unrestricted file upload can be executed via the /sysmanage/updatelib.php file. This unauthorized upload can be initiated remotely, allowing an attacker to implement harmful files on the system. It’s important to note that these products are no longer supported by D-Link, raising significant risk for users. Organizations using these devices should consider replacement or alternative security measures to mitigate potential threats.
Affected Version(s)
DAR-7000 20151231
DAR-8000 20151231