D-Link DAR-7000 userattestation.php unrestricted upload
CVE-2023-5149
8.8HIGH
What is CVE-2023-5149?
A vulnerability exists in the D-Link DAR-7000, specifically in the processing of the 'web_img' argument in the '/useratte/userattestation.php' file, allowing for unrestricted file uploads. This flaw can be exploited remotely, posing significant security risks to users. It is crucial to note that this vulnerability affects products that are no longer supported by the vendor, emphasizing the need for users to retire and replace their devices to mitigate potential threats.
Affected Version(s)
DAR-7000 20151231