CVE-2023-43238

Name of the Vulnerable Software and Affected Versions D-Link DIR-816 A2 version 1.10CNB05

Description A stack overflow issue was discovered in the form2Dhcpip.cgi component of the D-Link DIR-816 A2 router's firmware. This issue is related to a buffer overflow in memory and can be exploited via the nvmacaddr parameter in the form2Dhcpip.cgi. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For D-Link DIR-816 A2 version 1.10CNB05, consider disabling access to the form2Dhcpip.cgi component until a patch is available. Restricting access to this component can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.