D-Link DAR-7000 updateos.php unrestricted upload
CVE-2023-5147
8.8HIGH
What is CVE-2023-5147?
A vulnerability has been identified in the D-Link DAR-7000 that allows for unrestricted file uploads via the /sysmanage/updateos.php endpoint. This vulnerability is particularly critical due to its potential for remote exploitation. The affected product is no longer supported by the vendor, and users are strongly advised to retire and replace it, as it poses a significant risk to security and data integrity. The exploit has been publicly disclosed, underscoring the urgency for affected users to take immediate action.
Affected Version(s)
DAR-7000 20151231