CVE-2023-41603
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.
Se descubrió que D-Link R15 anterior a v1.08.02 no contenía restricciones de firewall para el tráfico IPv6. Esto permite a los atacantes acceder arbitrariamente a cualquier servicio que se ejecute en el dispositivo y que pueda estar escuchando inadvertidamente a través de IPv6.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-08-30 CVE Reserved
- 2024-01-10 CVE Published
- 2024-08-02 CVE Updated
- 2024-09-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347 | 2024-01-12 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dlink Search vendor "Dlink" | R15 Firmware Search vendor "Dlink" for product "R15 Firmware" | <= 1.08.02 Search vendor "Dlink" for product "R15 Firmware" and version " <= 1.08.02" | - |
Affected
| in | Dlink Search vendor "Dlink" | R15 Search vendor "Dlink" for product "R15" | - | - |
Safe
|