CVE-2023-43284

Name of the Vulnerable Software and Affected Versions D-Link DIR-846 version 100A53DBR-Retail

Description The issue is related to the lack of protection of the web page structure when handling the QoS POST parameter, allowing a remote attacker to execute arbitrary code. This can be achieved through an unspecified manipulation of the QoS POST parameter.

Recommendations For version 100A53DBR-Retail, update the firmware to a version that fixes this issue. As a temporary workaround, consider restricting access to the QoS parameter in the web interface until a patch is available.