CVE-2023-48842

Name of the Vulnerable Software and Affected Versions D-Link Go-RT-AC750 revA v101b03

Description The issue is related to a command injection vulnerability via the service parameter at "hedwig.cgi". This vulnerability is associated with a lack of input data sanitization measures in the D-LINK GO-RT-AC750 router's firmware. Exploitation of this issue may allow a remote attacker to execute arbitrary commands.

Recommendations As a temporary workaround, consider disabling access to the "hedwig.cgi" endpoint until a patch is available. Restrict access to the service parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.