// For flags

CVE-2023-4711

D-Link DAR-8000-10 decodmail.php os command injection

Severity Score

8.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-238574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Una vulnerabilidad, clasificada como crítica, ha sido encontrada en D-Link DAR-8000-10 hasta 20230819.Una función desconocida del archivo /log/decodmail.php es afectada por este problema. La manipulación del argumento "file" conduce a la inyección de comandos de tipo "os". El ataque se puede iniciar de forma remota. La complejidad de un ataque es bastante alta. Se sabe que la explotación es difícil. El exploit ha sido revelado al público y puede ser utilizado. VDB-238574 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente al proveedor sobre esta divulgación, pero no respondió de ninguna manera.

Eine kritische Schwachstelle wurde in D-Link DAR-8000-10 bis 20230819 entdeckt. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /log/decodmail.php. Mittels Manipulieren des Arguments file mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Die Komplexität eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur öffentlichen Verfügung.

*Credits: Tinkanet
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Attack Vector
Network
Attack Complexity
High
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
Poc
Automatable
No
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2023-09-01 CVE Reserved
  • 2023-09-01 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-08-02 First Exploit
  • 2024-10-03 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (2)
URL Tag Source
https://vuldb.com/?id.238574 Technical Description
URL Date SRC
https://github.com/TinkAnet/cve/blob/main/rce.md 2024-08-02
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dlink
Search vendor "Dlink"
 Dar-8000-10 Firmware
Search vendor "Dlink" for product "Dar-8000-10 Firmware"
 <= 20230819
Search vendor "Dlink" for product "Dar-8000-10 Firmware" and version " <= 20230819"
-
Affected
in Dlink
Search vendor "Dlink"
 Dar-8000-10
Search vendor "Dlink" for product "Dar-8000-10"
--
Safe