CVE-2023-45575

Name of the Vulnerable Software and Affected Versions D-Link DI-7003GV2 versions 23.08.25D1 and earlier D-Link DI-7100G versions 23.08.23D1 and earlier D-Link DI-7100GV2 version 23.08.23D1 D-Link DI-7200G versions 23.08.23D1 and earlier D-Link DI-7200GV2 versions 23.08.23E1 and earlier D-Link DI-7300G version 23.08.23D1 D-Link DI-7400G versions 23.08.23D1 and earlier

Description The issue is related to a buffer overflow in the ip position.asp function of D-Link router microprogrammed software. This can allow a remote attacker to execute arbitrary code. The vulnerability is exploited via the ip parameter of the ip position.asp function.

Recommendations For D-Link DI-7003GV2 version 23.08.25D1 and earlier, update to a version later than 23.08.25D1. For D-Link DI-7100G version 23.08.23D1 and earlier, update to a version later than 23.08.23D1. For D-Link DI-7100GV2 version 23.08.23D1, update to a version later than 23.08.23D1. For D-Link DI-7200G version 23.08.23D1 and earlier, update to a version later than 23.08.23D1. For D-Link DI-7200GV2 version 23.08.23E1 and earlier, update to a version later than 23.08.23E1. For D-Link DI-7300G version 23.08.23D1, update to a version later than 23.08.23D1. For D-Link DI-7400G version 23.08.23D1 and earlier, update to a version later than 23.08.23D1.