CVE-2023-50203

Name of the Vulnerable Software and Affected Versions D-Link G416 (affected versions not specified)

Description The issue is related to a command injection vulnerability in the nodered chmod function of the D-Link G416 router's firmware. This vulnerability can be exploited by a remote attacker to execute arbitrary code by connecting to TCP port 80. The problem arises from the lack of proper validation of a user-supplied string before using it to execute a system call, allowing an attacker to execute code in the context of root. No authentication is required to exploit this vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.