PT-2023-21013 · D Link · D-Link Dsl-3782

0Xless

Published

2023-02-10

Updated

2025-02-10

CVE-2023-27216

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions D-Link DSL-3782 version 1.03

Description An issue in the D-Link DSL-3782 allows remote authenticated users to execute arbitrary code as root via the network settings page.

Recommendations For D-Link DSL-3782 version 1.03, consider restricting access to the network settings page until a patch is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation.

Exploit

Fix

XSS

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-78

Related Identifiers

BDU:2023-06564

CVE-2023-27216

Affected Products

D-Link Dsl-3782

PT-2023-21013 · D Link · D-Link Dsl-3782

CVE-2023-27216

Weakness Enumeration

Related Identifiers

Affected Products

References · 15