PT-2023-4061 · D-Link · D-Link Dir-895

Published: 2023-07-31 · Updated: 2024-10-28 · CVE-2023-36091

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

D-Link DIR-895 version FW102b07

Description

The issue is in a function called phpcgi main in the D-Link DIR-895 router's firmware, which has weaknesses in its authentication procedure. A remote attacker can exploit this to gain escalated privileges. The vulnerability only affects products that are no longer supported by the maintainer.

Recommendations

D-Link DIR-895 version FW102b07 is no longer supported by the maintainer, so consider replacing the device with a supported model to mitigate the risk of exploitation. As a temporary workaround, restrict access to the cgibin directory and the phpcgi main function.

Fix

Weakness Enumeration

Incorrect Authorization
Improper Authentication

Related Identifiers

BDU:2023-04359
CVE-2023-36091

Affected Products

D-Link Dir-895