Severity
High
Analysis Summary
CVE-2023-50198, CVE-2023-50199, CVE-2023-50200, CVE-2023-50201
D-Link G416 could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in the HTTP service listening on TCP port 80. By sending a specially crafted request, an attacker could exploit this vulnerability to execute code in the context of root.
CVE-2023-50202, CVE-2023-50203, CVE-2023-50214, CVE-2023-50215
D-Link G416 could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in the HTTP service listening on TCP port 80. By sending a specially crafted request, an attacker could exploit this vulnerability to execute code in the context of root.
CVE-2023-50210, CVE-2023-50211, CVE-2023-50212, CVE-2023-50216, CVE-2023-50217
D-Link G416 devices could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the HTTP service listening on TCP port 80. By sending a specially crafted system call, an attacker could exploit this vulnerability to execute arbitrary code in the context of root.
Impact
- Gain Access
- Information Disclosure
- Buffer Overflow
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-50198
- CVE-2023-50199
- CVE-2023-50200
- CVE-2023-50201
- CVE-2023-50202
- CVE-2023-50203
- CVE-2023-50214
- CVE-2023-50215
- CVE-2023-50210
- CVE-2023-50211
- CVE-2023-50212
- CVE-2023-50216
- CVE-2023-50217
Affected Vendors
D-Link
Affected Products
- D-Link G416 1.08b02
Remediation
Refer to D-Link Website for patch, upgrade or suggested workaround information.