Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-5074

Published: 20/09/2023 Updated: 22/09/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to D-view 8

Vulnerability Summary

Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28

Vulnerable Product Search on Vulmon Subscribe to Product

dlink d-view 8 2.0.1.28

Vendor Advisories

Check Point Security Alerts: D-Link D-View 8 Authentication Bypass (CVE-2023-5074)
Check Point Reference: CPAI-2023-1447 Date Published: 11 Jan 2024 Severity: Critical ...

Github Repositories

https://github.com/codeb0ss/CVE-2023-5074-PoC

Mass Exploit - CVE-2023-5074 / D-Link D-View < Authentication Bypass

CVE-2023-5074-PoC Mass Exploit - CVE-2023-5074 / D-Link D-View &lt; Authentication Bypass python27 Exploit :

References

CWE-798https://www.tenable.com/security/research/tra-2023-32https://nvd.nist.govhttps://github.com/codeb0ss/CVE-2023-5074-PoChttps://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1447.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook