Critical Vulnerability in D-Link DI-8003 Could Lead to Remote Attacks

CVE-2024-11047

9.8CRITICAL

Key Information

Vendor
D-link
Status
Di-8003
Vendor
CVE Published:
10 November 2024

Summary

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Affected Version(s)

DI-8003 = 16.07.16A1

Refferences

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

theRaz0r (VulDB User)
.