CVE-2023-49004

An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dir-850l_firmware:fw223wwb01:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-850l:b1:*:*:*:*:*:*:*

History

22 Dec 2023, 21:31

Type Values Removed Values Added
CWE CWE-94
References () https://github.com/ef4tless/vuln/blob/master/iot/DIR-850L/bug1.md - () https://github.com/ef4tless/vuln/blob/master/iot/DIR-850L/bug1.md - Broken Link
CPE cpe:2.3:o:dlink:dir-850l_firmware:fw223wwb01:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-850l:b1:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

20 Dec 2023, 13:50

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-19 22:15

Updated : 2024-02-05 00:22


NVD link : CVE-2023-49004

Mitre link : CVE-2023-49004

CVE.ORG link : CVE-2023-49004


JSON object : View

Products Affected

dlink

  • dir-850l_firmware
  • dir-850l
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')