D-Link D-View 8 Unauthenticated Probe-Core Server Communication
CVE-2023-7163

10CRITICAL

Key Information:

Vendor: D-Link
Status: D-View 8
Vendor: CVE Published:; 28 December 2023

Summary

A security flaw in D-Link's D-View 8 service allows attackers to manipulate the probe inventory, potentially leading to unauthorized access to sensitive information from other probes. The vulnerability can also cause denial of service scenarios by saturating the probe inventory, disrupting normal operations. Prompt mitigation is recommended to safeguard against these potential threats.

Affected Version(s)

D-View 8 0 <= 2.0.2.89

References

https://tenable.com/security/research/tra-2023-43

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 28, 2023
Vulnerability Reserved
Dec 28, 2023