PT-2023-5871 · D-Link · D-Link DSL-3782

Published 2023-02-10 · Updated 2024-09-18 · CVE-2023-44959

CVSS v2.0: 9.0 High

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DSL-3782 versions 1.03 and earlier

Description

The issue allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page. This is related to the lack of protection measures for the web page structure when handling the Router IP Address fields. Exploitation of the issue can allow a remote attacker to execute arbitrary code.

Recommendations

For D-Link DSL-3782 versions 1.03 and earlier, consider disabling access to the network settings page until a patch is available. Restrict access to the Router IP Address fields to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Command Injection

XSS

Weakness Enumeration

Related Identifiers

BDU:2023-06564
CVE-2023-44959

Affected Products

D-Link DSL-3782