CVE-2023-43204

Name of the Vulnerable Software and Affected Versions D-LINK DWL-6610 version FW v 4.3.0.8B003C

Description The issue is related to a command injection vulnerability in the sub 2EF50() function. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter. The exploitation of this vulnerability can impact the confidentiality, integrity, and availability of protected information.

Recommendations For D-LINK DWL-6610 version FW v 4.3.0.8B003C, as a temporary workaround, consider disabling the sub 2EF50() function until a patch is available. Restrict access to the manual-time-string parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.