Rewterz Threat Advisory – CVE-2023-44959 – D-Link DSL-3782 Vulnerability

Rewterz Threat Update – Iran’s Crypto Exchange Accidentally Exposed User IDs, Credit Cards, and Passports

January 8, 2024

Rewterz Threat Alert – New Cyber Espionage Campaign by Sea Turtle APT Targets Dutch IT and Telecom Organizations – Active IOCs

January 8, 2024

Rewterz Threat Advisory – CVE-2023-44959 – D-Link DSL-3782 Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-44959

D-Link DSL-3782 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper neutralization of user supplied-input by the network settings page. By sending a specially crafted request using the Router IP Address fields, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2023-44959

Affected Vendors

D-Link

Affected Products

D-Link DSL-3782 1.03

Remediation

Refer D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Rewterz Threat Update – Iran’s Crypto Exchange Accidentally Exposed User IDs, Credit Cards, and Passports

Rewterz Threat Alert – New Cyber Espionage Campaign by Sea Turtle APT Targets Dutch IT and Telecom Organizations – Active IOCs

Rewterz Threat Advisory – CVE-2023-44959 – D-Link DSL-3782 Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan