// For flags

CVE-2023-45580

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function

Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través de wild/mx y otros parámetros de la función ddns.asp.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2023-10-09 CVE Reserved
  • 2023-10-16 CVE Published
  • 2024-10-16 CVE Updated
  • 2024-10-16 First Exploit
  • 2024-11-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dlink
Search vendor "Dlink"
Di-7003g Firmware
Search vendor "Dlink" for product "Di-7003g Firmware"
<= 23.08.25d1
Search vendor "Dlink" for product "Di-7003g Firmware" and version " <= 23.08.25d1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7003g
Search vendor "Dlink" for product "Di-7003g"
v2.d1
Search vendor "Dlink" for product "Di-7003g" and version "v2.d1"
-
Safe
Dlink
Search vendor "Dlink"
Di-7100g\+ Firmware
Search vendor "Dlink" for product "Di-7100g\+ Firmware"
<= 23.08.23d1
Search vendor "Dlink" for product "Di-7100g\+ Firmware" and version " <= 23.08.23d1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7100g\+
Search vendor "Dlink" for product "Di-7100g\+"
v2.d1
Search vendor "Dlink" for product "Di-7100g\+" and version "v2.d1"
-
Safe
Dlink
Search vendor "Dlink"
Di-7100g Firmware
Search vendor "Dlink" for product "Di-7100g Firmware"
<= 23.08.23d1
Search vendor "Dlink" for product "Di-7100g Firmware" and version " <= 23.08.23d1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7100g
Search vendor "Dlink" for product "Di-7100g"
v2.d1
Search vendor "Dlink" for product "Di-7100g" and version "v2.d1"
-
Safe
Dlink
Search vendor "Dlink"
Di-7200g\+ Firmware
Search vendor "Dlink" for product "Di-7200g\+ Firmware"
<= 23.08.23d1
Search vendor "Dlink" for product "Di-7200g\+ Firmware" and version " <= 23.08.23d1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7200g\+
Search vendor "Dlink" for product "Di-7200g\+"
v2.d1
Search vendor "Dlink" for product "Di-7200g\+" and version "v2.d1"
-
Safe
Dlink
Search vendor "Dlink"
Di-7200g Firmware
Search vendor "Dlink" for product "Di-7200g Firmware"
<= 23.08.23e1
Search vendor "Dlink" for product "Di-7200g Firmware" and version " <= 23.08.23e1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7200g
Search vendor "Dlink" for product "Di-7200g"
v2.e1
Search vendor "Dlink" for product "Di-7200g" and version "v2.e1"
-
Safe
Dlink
Search vendor "Dlink"
Di-7300g\+ Firmware
Search vendor "Dlink" for product "Di-7300g\+ Firmware"
<= 23.08.23d1
Search vendor "Dlink" for product "Di-7300g\+ Firmware" and version " <= 23.08.23d1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7300g\+
Search vendor "Dlink" for product "Di-7300g\+"
v2.d1
Search vendor "Dlink" for product "Di-7300g\+" and version "v2.d1"
-
Safe
Dlink
Search vendor "Dlink"
Di-7400g\+ Firmware
Search vendor "Dlink" for product "Di-7400g\+ Firmware"
<= 23.08.23d1
Search vendor "Dlink" for product "Di-7400g\+ Firmware" and version " <= 23.08.23d1"
-
Affected
in Dlink
Search vendor "Dlink"
Di-7400g\+
Search vendor "Dlink" for product "Di-7400g\+"
v2.d1
Search vendor "Dlink" for product "Di-7400g\+" and version "v2.d1"
-
Safe